Please check my log
You mean the file? I think that's unlikely; otherwise it wouldn't have shown up in the log.
Try to find it again. Did you look in the right folder, C:\Documents and Settings\All Users\error flaw noun save\dart plan proxy?
The file will have some extension.
Also, as I wrote, do you have "Show hidden and system files" turned on?
If you have done all that and still can't find it, say so and we will continue another way.
LopFind v3 © Čas: 14:28:57,06 Datum: Łt 19.06.2007
******************************************
1) Výpis obsahů Application Data složek pro zjištění podezřelých adresářů:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\Documents and Settings\All Users\DATAAP~1
15.06.2007 23:13 <DIR> Spybot - Search & Destroy
08.06.2007 23:54 <DIR> InstallShield
03.06.2007 14:55 <DIR> Skype
19.05.2007 10:40 <DIR> Microsoft Help
17.05.2007 22:09 <DIR> Apple Computer
16.04.2007 15:16 <DIR> NVIDIA
31.03.2007 12:22 <DIR> Pinnacle
28.03.2007 18:38 <DIR> Google
25.03.2007 09:26 <DIR> WildTangent
24.03.2007 16:05 <DIR> Adobe
21.03.2007 17:05 <DIR> Windows Genuine Advantage
21.03.2007 16:36 <DIR> TreeCardGames
17.03.2007 21:17 <DIR> Trymedia
14.03.2007 19:11 <DIR> DVD Shrink
14.03.2007 18:25 <DIR> SUPERAntiSpyware.com
14.03.2007 17:47 <DIR> Comodo
14.03.2007 17:23 <DIR> AOL
13.03.2007 18:26 62 desktop.ini
13.03.2007 18:25 <DIR> ..
13.03.2007 18:25 <DIR> Microsoft
13.03.2007 18:25 <DIR> .
1 soubor…, 62 bajt…
Adres ý…: 20, Volněch bajt…: 172274270208
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\Documents and Settings\user\DATAAP~1
18.06.2007 18:57 <DIR> Real
18.06.2007 12:32 <DIR> Media Player Classic
14.06.2007 11:43 <DIR> Uniblue
13.06.2007 22:16 <DIR> SUPERAntiSpyware.com
10.06.2007 21:54 <DIR> FreeCall
10.06.2007 14:22 <DIR> Lavasoft
09.06.2007 00:06 <DIR> Apple Computer
09.06.2007 00:02 <DIR> InterVideo
03.06.2007 14:55 <DIR> Skype
03.06.2007 11:28 <DIR> VoipCheapCom
28.05.2007 20:21 <DIR> Ulead Systems
23.05.2007 20:22 <DIR> InstallShield
20.05.2007 09:54 <DIR> Azureus
19.05.2007 14:35 <DIR> Sun
08.05.2007 18:26 <DIR> uTorrent
21.04.2007 08:47 87608 inst.exe
15.04.2007 19:27 <DIR> LangSoft
28.03.2007 18:32 <DIR> DivX
25.03.2007 17:42 <DIR> dvdcss
24.03.2007 21:31 <DIR> Ashampoo
24.03.2007 16:33 <DIR> Pegasys Inc
24.03.2007 16:06 <DIR> AdobeUM
24.03.2007 16:05 <DIR> Adobe
21.03.2007 16:47 <DIR> Help
21.03.2007 16:02 <DIR> SolSuite
20.03.2007 19:32 <DIR> ICQLite
17.03.2007 22:16 <DIR> URSoft
15.03.2007 21:13 <DIR> ABBYY
14.03.2007 23:45 <DIR> IDM
14.03.2007 23:45 <DIR> DMCache
14.03.2007 21:19 <DIR> Macromedia
14.03.2007 20:19 <DIR> vlc
14.03.2007 19:31 34 pcouffin.log
14.03.2007 19:31 87608 ezpinst.exe
14.03.2007 19:31 7887 pcouffin.cat
14.03.2007 19:31 1144 pcouffin.inf
14.03.2007 19:31 47360 pcouffin.sys
14.03.2007 19:31 <DIR> Vso
14.03.2007 19:12 <DIR> DVD Shrink
14.03.2007 19:01 <DIR> Ahead
14.03.2007 17:47 <DIR> Comodo
14.03.2007 17:41 <DIR> Mozilla
13.03.2007 10:45 <DIR> Identities
13.03.2007 10:45 62 desktop.ini
13.03.2007 10:45 <DIR> ..
13.03.2007 10:45 <DIR> .
13.03.2007 10:45 <DIR> Microsoft
7 soubor…, 231703 bajt…
Adres ý…: 40, Volněch bajt…: 172274270208
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\Documents and Settings\Default User\DATAAP~1
13.03.2007 18:26 62 desktop.ini
13.03.2007 18:25 <DIR> ..
13.03.2007 18:25 <DIR> Microsoft
13.03.2007 18:25 <DIR> .
1 soubor…, 62 bajt…
Adres ý…: 3, Volněch bajt…: 172274266112
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\Documents and Settings\LocalService\DATAAP~1
13.03.2007 10:44 <DIR> ..
13.03.2007 10:44 <DIR> Microsoft
13.03.2007 10:44 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 3, Volněch bajt…: 172274266112
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\Documents and Settings\NetworkService\DATAAP~1
13.03.2007 10:38 <DIR> ..
13.03.2007 10:38 <DIR> Microsoft
13.03.2007 10:38 <DIR> .
0 soubor…, 0 bajt…
Adres ý…: 3, Volněch bajt…: 172274266112
******************************************
2) Vyhledávání a odstranění podezřelých .job souborů:
a) Soubory přítomné v C:\WINDOWS\tasks\ adresáři:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\WINDOWS\Tasks
15.06.2007 09:21 436 RegCure Program Check.job
15.06.2007 09:21 370 RegCure.job
14.06.2007 11:53 336 Uniblue SpyEraser.job
08.06.2007 23:56 284 AppleSoftwareUpdate.job
13.03.2007 10:44 6 SA.DAT
13.03.2007 10:34 65 desktop.ini
13.03.2007 10:34 <DIR> ..
13.03.2007 10:34 <DIR> .
6 soubor…, 1˙497 bajt…
Adres ý…: 2, Volněch bajt…: 172˙274˙266˙112
––––––––––––––––––––––––––––––––––––––––––
b) Zjišťování vlastností přítomných .job souborů:
[TRACE] Enumerating jobs and queues
[TRACE] Activating job 'AppleSoftwareUpdate.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\Program Files\Apple Software Update\SoftwareUpdate.exe'
Parameters: '-Task'
WorkingDirectory: ''
Comment: ''
Creator: 'SYSTEM'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 06/18/2007 19:24:00
NextRun: 06/25/2007 19:24:00
StartError: S_OK
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 0
SystemRequired = 0
Hidden = 0
TaskFlags: 0
1 Trigger
Trigger 0:
Type: Weekly
WeeksInterval: 1
DaysOfTheWeek: .M.....
StartDate: 06/08/2007
EndDate: 00/00/0000
StartTime: 19:24
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'RegCure Program Check.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\Program Files\RegCure\RegCure.exe'
Parameters: 'ShowReminders'
WorkingDirectory: 'C:\Program Files\RegCure\RegCure.exe'
Comment: 'Checks status of application.'
Creator: 'user'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 06/19/2007 11:01:44
NextRun: 06/19/2007 17:00:00
StartError: S_OK
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 0
TaskFlags: 0
2 Triggers
Trigger 0:
Type: AtLogon
StartDate: 01/01/2006
EndDate: 00/00/0000
StartTime: 12:00
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
Trigger 1:
Type: Daily
DaysInterval: 1
StartDate: 01/01/2006
EndDate: 00/00/0000
StartTime: 17:00
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'RegCure.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\Program Files\RegCure\RegCure.exe'
Parameters: '-t'
WorkingDirectory: 'C:\Program Files\RegCure\RegCure.exe'
Comment: 'Runs RegCure at Scheduled Time.'
Creator: 'user'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 06/18/2007 18:00:00
NextRun: 06/20/2007 18:00:00
StartError: S_OK
ExitCode: 0
Status: SCHED_S_TASK_READY
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 0
TaskFlags: 0
1 Trigger
Trigger 0:
Type: Weekly
WeeksInterval: 1
DaysOfTheWeek: UM.W.F.
StartDate: 01/01/2006
EndDate: 00/00/0000
StartTime: 18:00
MinutesDuration: 0
MinutesInterval: 0
Flags:
HasEndDate = 0
KillAtDuration = 0
Disabled = 0
[TRACE] Activating job 'Uniblue SpyEraser.job'
[TRACE] Printing all job properties
ApplicationName: 'C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe'
Parameters: '-s'
WorkingDirectory: 'C:\Program Files\Uniblue\SpyEraser\'
Comment: 'Uniblue SpyEraser Scheduler'
Creator: 'user'
Priority: NORMAL
MaxRunTime: 259200000 (3d 0:00:00)
IdleWait: 10
IdleDeadline: 60
MostRecentRun: 00/00/0000 0:00:00
NextRun: 00/00/0000 0:00:00
StartError: SCHED_S_TASK_HAS_NOT_RUN
ExitCode: 0
Status: SCHED_S_TASK_NOT_SCHEDULED
ScheduledWorkItem Flags:
DeleteWhenDone = 0
Suspend = 0
StartOnlyIfIdle = 0
KillOnIdleEnd = 0
RestartOnIdleResume = 0
DontStartIfOnBatteries = 0
KillIfGoingOnBatteries = 0
RunOnlyIfLoggedOn = 1
SystemRequired = 0
Hidden = 0
TaskFlags: 0
No triggers
––––––––––––––––––––––––––––––––––––––––––
c) Nalezené a odstraněné nežádoucí soubory:
––––––––––––––––––––––––––––––––––––––––––
d) Soubory přítomné v adresáři po vymazání:
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je E854-C163.
Věpis adres ýe C:\WINDOWS\Tasks
15.06.2007 09:21 436 RegCure Program Check.job
15.06.2007 09:21 370 RegCure.job
14.06.2007 11:53 336 Uniblue SpyEraser.job
08.06.2007 23:56 284 AppleSoftwareUpdate.job
13.03.2007 10:44 6 SA.DAT
13.03.2007 10:34 65 desktop.ini
13.03.2007 10:34 <DIR> ..
13.03.2007 10:34 <DIR> .
6 soubor…, 1˙497 bajt…
Adres ý…: 2, Volněch bajt…: 172˙274˙229˙248
******************************************
3) Vyhledávání podvodných programů ve složce Program Files:
Nebyly nalezeny žádné podvodné adresáře.
There must still be something in Explorer; pages load poorly.
OK, so make a log with SREng:
Download SREng.
Extract the archive into its own folder.
Run the program and choose the Smart Scan option; leave the options that are already checked, additionally check Verify the digital signature of process modules, and click Scan.
When the scan finishes, click Save Reports and save the log. Then copy its contents here.
By the way, you were right, the folder has been deleted.
2007-06-19,19:50:50
System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)
Windows XP Home Edition Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<IDMan><C:\program files\internet download manager\idman.exe /onboot> [Tonec Inc.]
<BitComet><"C:\Program Files\BitComet\BitComet.exe" /tray> [(Verified)Comet Network Technology Co Ltd.]
<FreeCall><"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized> [(Verified)Finarea SA]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SoundMAXPnP><C:\Program Files\Analog Devices\Core\smax4pnp.exe> [(Verified)Microsoft Windows Publisher]
<SoundMAX><"C:\program files\analog devices\soundmax\smax4.exe" /tray> [Analog Devices, Inc.]
<COMODO Firewall Pro><"C:\Program Files\Comodo\Firewall\CPF.exe" /background> [(Verified)Comodo CA Limited]
<WinampAgent><C:\Program Files\Winamp\winampa.exe> []
<AsusServiceProvider><C:\Program Files\ASUS\AASP\1.00.05\aaCenter.exe> []
<GrooveMonitor><"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"> [(Verified)Microsoft Corporation]
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<UnlockerAssistant><"C:\Program Files\Unlocker\UnlockerAssistant.exe"> []
<ISUSPM><"C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler> [(Verified)Macrovision Corporation]
<SMail><"C:\Program Files\Seznam\Postak\Postak.exe"> [Seznam.cz a.s.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<aol><"C:\Program Files\AOL\Active Virus Shield\avp.exe"> [AOL]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
<WinlogonNotify: !SASWinLogon><C:\Program Files\SUPERAntiSpyware\SASWINLO.dll> [SUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
==================================
Startup Folders
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[InterVideo WinCinema Manager]
<C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk --> C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [InterVideo Inc.]><N>
[RAMASST]
<C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk --> C:\WINDOWS\system32\RAMASST.exe [Matsushita Electric Industrial Co., Ltd.]><N>
[Yahoo! Widget Engine]
<C:\Documents and Settings\user\Nabídka Start\Programy\Po spuštění\Yahoo! Widget Engine.lnk --> C:\PROGRA~1\Yahoo!\Widgets\YAHOOW~1.EXE [Yahoo! Inc.]><N>
==================================
Services
[Ad-Aware 2007 Service / aawservice][Stopped/Disabled]
<><N/A>
[ATK Keyboard Service / ATKKeyboardService][Running/Auto Start]
<C:\WINDOWS\ATKKBService.exe><ASUSTeK COMPUTER INC.>
[Active Virus Shield / AVP][Running/Auto Start]
<"C:\Program Files\AOL\Active Virus Shield\avp.exe" -r><AOL>
[Comodo Application Agent / CmdAgent][Running/Auto Start]
<C:\Program Files\Comodo\Firewall\cmdagent.exe><COMODO>
[DVD-RAM_Service / DVD-RAM_Service][Running/Auto Start]
<C:\WINDOWS\system32\DVDRAMSV.exe><Matsushita Electric Industrial Co., Ltd.>
[NBService / NBService][Stopped/Manual Start]
<C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
<C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
==================================
Drivers
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
<system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AE Audio Service / AEAudio][Running/Manual Start]
<system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[ASAPIW2k / ASAPIW2k][Running/Manual Start]
<system32\drivers\ASAPIW2k.sys><Pinnacle Systems GmbH>
[AsIO / AsIO][Running/System Start]
<system32\drivers\AsIO.sys><N/A>
[ASPI32 / ASPI32][Running/Auto Start]
<System32\drivers\aspi32.sys><Adaptec>
[Enhanced Display Driver Helper Service / asuskbnt][Running/System Start]
<system32\drivers\atkkbnt.sys><ASUSTeK COMPUTER INC.>
[ATITool Overclocking Utility / ATITool][Stopped/System Start]
<system32\DRIVERS\ATITool.sys><>
[Comodo Application Engine / CmdMon][Running/System Start]
<System32\DRIVERS\cmdmon.sys><Comodo Research Lab., Inc.>
[dtscsi / dtscsi][Running/Manual Start]
<\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[EIO / EIO][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\EIO.sys><ASUSTeK Computer Inc.>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Comodo Network Engine / Inspect][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\inspect.sys><COMODO>
[IVI ASPI Shell / Iviaspi][Running/Manual Start]
<system32\drivers\iviaspi.sys><InterVideo, Inc.>
[JMicron Hot-Plug Driver / JGOGO][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\JGOGO.sys><JMicron>
[JRAID / JRAID][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[meiudf / meiudf][Running/System Start]
<System32\Drivers\meiudf.sys><Matsushita Electric Industrial Co.,Ltd.>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ASACPI.sys><>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[VSO Software pcouffin / pcouffin][Running/Manual Start]
<System32\Drivers\pcouffin.sys><VSO Software>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
<system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SASDIFSV / SASDIFSV][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS><>
[SASENUM / SASENUM][Running/Manual Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS><SuperAdBlocker, Inc.>
[SASKUTIL / SASKUTIL][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SenFilt Service / SenFiltService][Running/Manual Start]
<system32\drivers\Senfilt.sys><Sensaura>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
==================================
Browser Add-ons
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\program files\internet download manager\IDMIECC.dll, Tonec Inc.>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[WebTransBHO Class]
{2DB66063-BB98-466A-AA0D-3E7ACF5ED853} <C:\WINDOWS\WebIE.dll, >
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll, BitComet>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Groove GFS Browser Helper]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} <C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL, Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Send to OneNote from Internet Explorer button]
{2670000A-7350-4f3c-8081-5663EE0C6C49} <C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll, Microsoft Corporation>
[ToolBarButton Class]
{7E6A20FB-153F-402c-A84B-1A64E1955D3D} <C:\WINDOWS\WebIE.dll, >
[&Zdroje informací]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL, Microsoft Corporation>
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} <C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.>
[MenuItem4 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748449} <C:\WINDOWS\WebIE.dll, >
[MenuItem4 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748450} <C:\WINDOWS\WebIE.dll, >
[MenuItem2 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748451} <C:\WINDOWS\WebIE.dll, >
[MenuItem1 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748452} <C:\WINDOWS\WebIE.dll, >
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[ICQ Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} <C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.>
[WebTranslator]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} <C:\WINDOWS\WebIE.dll, >
[&S-Rank]
{B71B15CF-3093-459C-B764-AEB2486F2273} <C:\Program Files\Seznam\Postak\SRank.dll, Seznam.cz a.s.>
[Installation Support]
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} <C:\Program Files\Yahoo!\Common\Yinsthelper.dll, Yahoo! Inc.>
[Java Plug-in 1.6.0_01]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_01]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[IDMIEHlprObj Class]
{0055C089-8582-441B-A0BF-17B458C2A3A8} <C:\program files\internet download manager\IDMIECC.dll, Tonec Inc.>
[Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[WebTransBHO Class]
{2DB66063-BB98-466A-AA0D-3E7ACF5ED853} <C:\WINDOWS\WebIE.dll, >
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.1.5.19.dll, BitComet>
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[Groove GFS Browser Helper]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} <C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL, Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll, Sun Microsystems, Inc.>
[ToolBarButton Class]
{7E6A20FB-153F-402C-A84B-1A64E1955D3D} <C:\WINDOWS\WebIE.dll, >
[ICQ Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} <C:\Program Files\ICQToolbar\toolbaru.dll, ICQ Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[&S-Rank]
{B71B15CF-3093-459C-B764-AEB2486F2273} <C:\Program Files\Seznam\Postak\SRank.dll, Seznam.cz a.s.>
[WebTranslator]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} <C:\WINDOWS\WebIE.dll, >
[MenuItem3 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748449} <C:\WINDOWS\WebIE.dll, >
[MenuItem4 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748450} <C:\WINDOWS\WebIE.dll, >
[MenuItem2 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748451} <C:\WINDOWS\WebIE.dll, >
[MenuItem1 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748452} <C:\WINDOWS\WebIE.dll, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[Yahoo! Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[&ICQ Toolbar Search]
<res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML, N/A>
[Download All Links with IDM]
<C:\program files\internet download manager\IEGetAll.htm, N/A>
[Download with IDM]
<C:\program files\internet download manager\IEExt.htm, N/A>
[E&xportovat do aplikace Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>
[Sprejmi z &BitSpiritom]
<, N/A>
[Stáhnout odkaz s použitím BitCometu]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[Stáhnout všechna videa s použitím BitCometu]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[Stáhnout všechny odkazy s použitím BitCometu]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
==================================
Running Processes
[PID: 728][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 784][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\SUPERAntiSpyware\SASWINLO.dll] [SUPERAntiSpyware.com, 1, 0, 0, 1046]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.0.299]
[PID: 1884][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\BROWSEUI.dll] [Společnost Microsoft, 6.00.2900.3121 (xpsp_sp2_gdr.070418-1302)]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\program files\internet download manager\IDMIECC.dll] [Tonec Inc., 3, 0, 2, 1]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.5.2005092300]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Unlocker\UnlockerCOM.dll] [N/A, ]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 2, 7, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL] [SUPERAntiSpyware.com, 1, 0, 0, 1004]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\WinRAR\rarlng.dll] [, ]
[C:\Program Files\PowerISO\PWRISOSH.DLL] [PowerISO Computing, Inc., 3, 7, 0, 0]
[C:\PROGRA~1\OOSOFT~1\DEFRAG~1\oodsh.dll] [O&O Software GmbH, 1.0.1.5418]
[C:\PROGRA~1\OOSOFT~1\DEFRAG~1\OODSHRS.DLL] [O&O Software GmbH, 1.0.11.2402]
[C:\Program Files\AOL\Active Virus Shield\shellex.dll] [Kaspersky Lab, 6.0.0.299]
[C:\Program Files\ICQLite\ICQLiteShell.dll] [, 20, 52, 2573, 0]
[C:\WINDOWS\system32\xpsp1res.dll] [Společnost Microsoft, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll] [Nero AG, 2, 0, 0, 8]
[C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.9147]
[C:\WINDOWS\system32\NVRSCS.DLL] [NVIDIA Corporation, 6.14.10.9147]
[C:\WINDOWS\system32\nvapi.dll] [N/A, ]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[C:\TRANSLAT\WWWHook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\WebIE.dll] [, 1, 0, 0, 1]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[PID: 1984][C:\Program Files\Analog Devices\Core\smax4pnp.exe] [Analog Devices, Inc., 6, 0, 0, 61]
[C:\Program Files\Analog Devices\Core\SMWDMIF.dll] [Analog Devices, Inc., 6, 0, 4400, 9]
[PID: 1992][C:\program files\analog devices\soundmax\smax4.exe] [Analog Devices, Inc., 5, 2, 0, 28]
[PID: 208][C:\Program Files\Winamp\winampa.exe] [N/A, ]
[C:\Program Files\Winamp\NSCRT.dll] [Nullsoft, Inc., 7.10.0000]
[PID: 236][C:\Program Files\ASUS\AASP\1.00.05\aaCenter.exe] [, 0.1.0.5]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\system32\AsIO.dll] [, 1, 0, 0, 1]
[C:\Program Files\ASUS\AASP\1.00.05\PowerDll.dll] [N/A, ]
[C:\Program Files\ASUS\AASP\1.00.05\cpuutil.dll] [N/A, ]
[PID: 244][C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe] [Microsoft Corporation, 12.0.4518.1014]
[PID: 248][C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.10.6]
[C:\Program Files\Java\jre1.6.0_01\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 256][C:\Program Files\Unlocker\UnlockerAssistant.exe] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 264][C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe] [Macrovision Corporation, 5, 01, 100, 47363]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 284][C:\Program Files\Seznam\Postak\Postak.exe] [Seznam.cz a.s., 1.0.0.7]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 308][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 316][C:\program files\internet download manager\idman.exe] [Tonec Inc., 5.08.1]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 392][C:\Program Files\BitComet\BitComet.exe] [www.BitComet.com, 0.89]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\system32\browseui.dll] [Společnost Microsoft, 6.00.2900.3121 (xpsp_sp2_gdr.070418-1302)]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 1768][C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe] [InterVideo Inc., 1.8.1]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 2092][C:\WINDOWS\system32\RAMASST.exe] [Matsushita Electric Industrial Co., Ltd., 1, 1, 0, 0]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 2244][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\TRANSLAT\WWWHook.dll] [, 1, 0, 0, 1]
[C:\TRANSLAT\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\TRANSLAT\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\Program Files\K-Lite Codec Pack\filters\vsfilter.dll] [Gabest, 1, 0, 1, 4]
[C:\Program Files\K-Lite Codec Pack\filters\FLVSplitter.ax] [Gabest, 1, 0, 0, 2]
[C:\Program Files\K-Lite Codec Pack\filters\MP4Splitter.ax] [Gabest, 1, 0, 0, 2]
[C:\Program Files\Real Alternative\RealMediaSplitter.ax] [Gabest, 1, 0, 1, 1]
[C:\Program Files\Common Files\Ahead\DSFilter\NeSplitter.ax] [Nero AG, 4,2,12,9]
[C:\Program Files\K-Lite Codec Pack\filters\ac3filter.ax] [, 1.31b]
[C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax] [, 1.0.3.1280]
[C:\Program Files\Common Files\Ahead\DSFilter\NeResize.ax] [Nero AG, 4,2,12,]
[PID: 3568][C:\program files\internet download manager\IEMonitor.exe] [Tonec Inc., 1, 0, 0, 1]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 3576][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 3604][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 3640][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 3656][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 3676][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 3700][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 3732][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 3752][C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe] [Yahoo! Inc., 4.0.3]
[C:\Program Files\Yahoo!\Widgets\js32.dll] [N/A, ]
[C:\Program Files\Yahoo!\Widgets\sqlite3.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 3192][C:\TRANSLAT\MAILTRAN.EXE] [, 1, 0, 0, 1]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\TRANSLAT\RICHED32.DLL] [Microsoft Corporation, 4.00.993.4]
[C:\TRANSLAT\TRNCOM.DLL] [, 1, 0, 0, 1]
[C:\TRANSLAT\C4dll323.dll] [Sequiter Software Inc., 1, 0, 0, 1]
[C:\TRANSLAT\zlib.dll] [N/A, ]
[C:\TRANSLAT\cnxfdg1en.dll] [N/A, ]
[C:\TRANSLAT\WWWHook.dll] [, 1, 0, 0, 1]
[C:\TRANSLAT\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\TRANSLAT\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[PID: 3456][C:\Program Files\Opera\Opera.exe] [Opera Software, 8776]
[C:\Program Files\Opera\Opera.dll] [Opera Software, 8776]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\program files\internet download manager\idmmkb.dll] [Tonec Inc., 4, 0, 0, 1]
[C:\WINDOWS\system32\browseui.dll] [Společnost Microsoft, 6.00.2900.3121 (xpsp_sp2_gdr.070418-1302)]
[PID: 3632][C:\Documents and Settings\user\Plocha\Sreng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS Error. []
.JS Error. []
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
N/A
==================================
Autorun.Inf
N/A
==================================
HOSTS File
N/A
==================================
API HOOK
RVA Error: LoadLibraryA (Dangerous Level: Generic, Hooked by Module: Dest Addr: 0xB7307B25)
RVA Error: LoadLibraryExA (Dangerous Level: Generic, Hooked by Module: Dest Addr: 0xB7307D67)
RVA Error: LoadLibraryExW (Dangerous Level: Generic, Hooked by Module: Dest Addr: 0xB7307F0B)
RVA Error: LoadLibraryW (Dangerous Level: Generic, Hooked by Module: Dest Addr: 0xB7307C49)
RVA Error: GetProcAddress (Dangerous Level: High, Hooked by Module: Dest Addr: 0xB7307E8F)
==================================
Hidden Process
N/A
==================================
OK then, try this:
Download SDFix and run it; it will unpack into its own folder (probably C:\SDfix).
Then restart the PC into Safe Mode. Open the folder where SDFix was unpacked, run the file RunThis.bat and press Y to start the cleaning process.
To finish, you will need to press any key and the computer will restart.
While the operating system is booting, you will have to press any key when prompted in order to enter Windows.
Once the OS has started it should show you the SDFix report, so copy it here; if it does not pop up, it is located in SDFix's own folder as Report.txt (don't forget to copy its contents here).
And try starting IE again and tell me whether it still misbehaves.
I sweated a bit, it wouldn't go into Safe Mode, but I managed it.
SDFix: Version 1.88
Run by user on út 19.06.2007 at 21:37
Microsoft Windows XP [Verze 5.1.2600]
Running From: C:\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Restoring Missing Security Center Service
Restoring Missing SharedAccess Service
Rebooting...
Normal Mode:
Checking Files:
Below files will be copied to Backups folder then removed:
C:\WINDOWS\regedit.com - Deleted
Removing Temp Files...
ADS Check:
Checking C:\WINDOWS
C:\WINDOWS
No streams found.
Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.
Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.
Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\FreeCall.com\\FreeCall\\freecall.exe"="C:\\Program Files\\FreeCall.com\\FreeCall\\freecall.exe:*:Enabled:FreeCall"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
Remaining Files:
---------------
Backups Folder: - C:\SDFix\backups\backups.zip
Listing Files with Hidden Attributes:
Listing User Accounts:
Administrator Guest HelpAssistant
SUPPORT_388945a0 user
Příkaz byl úspěšně dokončen.
Finished
So I tried probably every variant and then IE as well, and pages load fine there, but when I close IE a window pops up:
IEXPLORE.EXE - Chyba aplikace
Instrukce na adrese 0x0108d4c4 odkazovala na adresu paměti 0x018d4c4.Spamětí nelze provést operaci:read
Klepnutím na tlačítko OK ukončete program.
And it does this every time I close IE. What should I do about it?