ComboFix 10-05-17.05 - JARA_2 19.05.2010  15:02:34.5.2 - x86
Microsoft Windows 7 Home Premium   6.1.7600.0.1250.420.1029.18.3071.2142 [GMT 2:00]
Spuštěný z: c:\users\JARA_2\Desktop\ComboFix.exe
 * Rezidentní štít AV je zapnutý

.

(((((((((((((((((((((((((   Soubory vytvořené od 2010-04-19 do 2010-05-19  )))))))))))))))))))))))))))))))
.

2010-05-19 13:10 . 2010-05-19 13:10	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-05-19 13:10 . 2010-05-19 13:10	--------	d-----w-	c:\users\Jara1\AppData\Local\temp
2010-05-19 13:10 . 2010-05-19 13:10	--------	d-----w-	c:\users\Guest\AppData\Local\temp
2010-05-19 13:10 . 2010-05-19 13:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-05-19 04:50 . 2010-05-19 04:50	--------	d-----w-	c:\windows\system32\Wat
2010-05-17 17:03 . 2010-05-18 02:10	--------	d--h--w-	c:\temp\dvmexp
2010-05-17 17:03 . 2010-05-17 17:03	--------	d-----w-	C:\dvmexp
2010-05-16 18:23 . 2010-01-22 07:56	112592	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
2010-05-16 18:23 . 2010-01-22 07:56	200144	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\Utility.dll
2010-05-16 18:23 . 2010-01-22 07:56	698320	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\PCTBDUpdate.exe
2010-05-16 18:23 . 2010-01-22 07:55	767952	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Windows\BDTSupport.dll
2010-05-16 18:23 . 2010-01-22 07:56	149456	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Windows\SGDetectionTool.dll
2010-05-16 18:23 . 2010-01-22 07:56	567248	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
2010-05-16 18:23 . 2010-01-22 07:56	165840	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Windows\PCTBDRes.dll
2010-05-16 18:23 . 2010-01-22 07:56	1652688	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Windows\PCTBDCore.dll
2010-05-16 18:23 . 2010-01-22 07:55	751544	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\PCTLicReset.dll
2010-05-16 18:23 . 2008-09-26 08:10	640000	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\DbgHelp.dll
2010-05-16 18:23 . 2010-05-16 18:23	687576	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\BDT\unins000.exe
2010-05-16 18:19 . 2010-03-15 10:48	211272	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Users\JARA_2\AppData\Local\temp\is-91QBB.tmp\InnoMonitor.exe
2010-05-16 18:19 . 2009-07-07 10:31	79488	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Users\JARA_2\AppData\Local\temp\is-91QBB.tmp\gtapi.dll
2010-05-16 13:07 . 2009-03-09 13:27	453456	----a-w-	c:\windows\system32\d3dx10_41.dll
2010-05-16 13:07 . 2009-03-09 13:27	4178264	----a-w-	c:\windows\system32\D3DX9_41.dll
2010-05-16 13:07 . 2009-03-09 13:27	1846632	----a-w-	c:\windows\system32\D3DCompiler_41.dll
2010-05-16 13:07 . 2009-03-16 12:18	69448	----a-w-	c:\windows\system32\XAPOFX1_3.dll
2010-05-16 13:07 . 2009-03-16 12:18	517448	----a-w-	c:\windows\system32\XAudio2_4.dll
2010-05-16 13:07 . 2009-03-16 12:18	235352	----a-w-	c:\windows\system32\xactengine3_4.dll
2010-05-16 13:07 . 2009-03-16 12:18	22360	----a-w-	c:\windows\system32\X3DAudio1_6.dll
2010-05-16 13:05 . 2010-05-16 13:05	--------	d-----w-	c:\program files\Common Files\ChessBase
2010-05-16 12:30 . 2010-05-16 12:30	--------	d-----w-	c:\program files\DAMN NFO Viewer
2010-05-15 15:16 . 2008-04-07 03:38	22872	----a-r-	c:\windows\system32\AdobePDFUI.dll
2010-05-14 07:03 . 2010-05-14 07:03	--------	d-----w-	c:\users\JARA_2\AppData\Local\GHISLER
2010-05-13 17:45 . 2010-05-13 17:47	--------	d-----w-	C:\totalcmd
2010-05-13 17:45 . 2010-05-13 17:45	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GHISLER
2010-05-12 14:52 . 2010-05-12 14:52	17920	----a-r-	c:\users\JARA_2\AppData\Roaming\Microsoft\Installer\{2344785A-7020-4EB9-B8B8-7AAF52FB166C}\Icon2344785A.exe
2010-05-12 14:49 . 2010-05-12 14:49	--------	d-----w-	c:\program files\PJsoft
2010-05-12 14:43 . 2010-05-12 14:43	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
2010-05-12 05:51 . 2009-10-10 02:57	12800	----a-w-	c:\windows\system32\drivers\sffp_sd.sys
2010-05-12 03:59 . 2010-03-04 07:33	740864	----a-w-	c:\windows\system32\inetcomm.dll
2010-05-10 03:38 . 2010-05-13 12:33	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\ChessBase
2010-05-10 03:33 . 2010-05-10 03:38	--------	d-----w-	c:\program files\Fritz 9
2010-05-09 18:05 . 2010-04-12 15:29	411368	----a-w-	c:\windows\system32\deployJava1.dll
2010-05-09 15:40 . 2010-05-12 11:01	--------	d-----w-	c:\users\JARA_2\AppData\Local\Nero
2010-05-09 15:38 . 2010-05-09 15:52	--------	d-----w-	c:\users\JARA_2\AppData\Local\Nero_AG
2010-05-09 15:32 . 2010-05-09 15:32	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Nero
2010-05-09 15:21 . 2010-05-09 15:31	--------	d-----w-	c:\programdata\Nero
2010-05-09 15:21 . 2010-05-09 15:21	--------	d-----w-	c:\program files\Common Files\Nero
2010-05-09 15:20 . 2010-05-09 15:31	--------	d-----w-	c:\program files\Nero
2010-05-09 14:46 . 2009-09-04 15:29	1974616	----a-w-	c:\windows\system32\D3DCompiler_42.dll
2010-05-09 14:46 . 2009-09-04 15:29	1892184	----a-w-	c:\windows\system32\D3DX9_42.dll
2010-05-09 14:45 . 2008-10-15 04:22	4379984	----a-w-	c:\windows\system32\D3DX9_40.dll
2010-05-09 14:45 . 2007-07-19 16:14	3727720	----a-w-	c:\windows\system32\d3dx9_35.dll
2010-05-09 14:44 . 2007-05-16 14:45	3497832	----a-w-	c:\windows\system32\d3dx9_34.dll
2010-05-06 16:19 . 2010-05-15 07:23	--------	d-----w-	c:\program files\iTV
2010-05-06 15:40 . 2010-05-06 15:51	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Zoner
2010-05-06 15:40 . 2010-05-06 15:40	--------	d-----w-	c:\users\JARA_2\AppData\Local\Zoner
2010-05-06 15:39 . 2010-05-06 15:39	--------	d-----w-	c:\program files\Zoner
2010-05-05 17:35 . 2010-05-18 23:18	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\AIMP
2010-05-05 17:35 . 2010-05-05 17:44	--------	d-----w-	c:\program files\AIMP2
2010-05-03 17:56 . 2010-05-03 17:56	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Ahead
2010-05-03 12:17 . 2010-05-10 02:24	--------	d-----w-	c:\users\JARA_2\AppData\Local\Ashampoo Music Studio 3
2010-05-02 18:54 . 2010-05-02 18:54	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GRETECH
2010-05-02 18:48 . 2010-05-02 18:48	--------	d-----w-	c:\program files\GRETECH
2010-04-28 03:03 . 2009-12-11 07:38	1037312	----a-w-	c:\windows\system32\lsasrv.dll
2010-04-28 03:03 . 2009-12-11 07:44	133720	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 03:03 . 2009-09-26 05:58	194488	----a-w-	c:\windows\system32\drivers\fvevol.sys

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-17 17:03 . 2010-03-11 03:49	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2010-05-17 13:06 . 2010-02-07 12:49	--------	d-----w-	c:\programdata\ChessBase
2010-05-17 05:24 . 2009-08-26 09:31	656998	----a-w-	c:\windows\system32\perfh005.dat
2010-05-17 05:24 . 2009-08-26 09:31	136058	----a-w-	c:\windows\system32\perfc005.dat
2010-05-16 13:14 . 2010-01-02 01:24	130080	----a-w-	c:\users\JARA_2\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-16 13:05 . 2010-05-16 13:05	--------	d-----w-	c:\program files\Common Files\ChessBase
2010-05-16 13:05 . 2010-02-07 12:36	--------	d-----w-	c:\program files\ChessBase
2010-05-16 13:02 . 2009-08-05 19:56	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-05-15 19:11 . 2010-03-29 07:17	2828	--sha-w-	c:\programdata\KGyGaAvL.sys
2010-05-15 19:11 . 2010-03-29 07:17	2828	--sha-w-	c:\programdata\KGyGaAvL.sys
2010-05-15 01:58 . 2009-08-05 20:01	--------	d-----w-	c:\program files\Google
2010-05-13 17:45 . 2010-05-13 17:45	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\GHISLER
2010-05-13 12:33 . 2010-05-10 03:38	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\ChessBase
2010-05-12 05:47 . 2009-07-14 02:37	--------	d-----w-	c:\program files\Windows Mail
2010-05-09 18:05 . 2009-11-29 23:34	--------	d-----w-	c:\program files\Java
2010-05-09 06:01 . 2010-02-07 05:56	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Vso
2010-05-06 19:06 . 2010-03-01 15:01	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Skype
2010-05-06 19:04 . 2010-03-01 15:31	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\skypePM
2010-05-06 08:36 . 2009-10-31 16:15	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-05 15:52 . 2010-04-01 17:08	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-05-03 18:20 . 2010-01-31 04:26	--------	d-----w-	c:\program files\CCleaner
2010-05-03 12:16 . 2010-02-21 08:51	--------	d-----w-	c:\program files\Ashampoo
2010-05-01 20:30 . 2010-03-10 13:32	--------	d-----w-	c:\programdata\SpeedBit
2010-05-01 17:36 . 2009-08-05 20:01	--------	d-----w-	c:\program files\Common Files\PX Storage Engine
2010-05-01 16:52 . 2009-12-24 05:46	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Ashampoo
2010-05-01 14:19 . 2010-03-10 13:40	2560	----a-w-	c:\windows\_MSRSTRT.EXE
2010-05-01 03:58 . 2010-03-06 21:33	--------	d-----w-	c:\program files\Opera
2010-04-29 13:39 . 2010-04-01 17:08	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-04-01 17:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-04-15 09:51 . 2010-04-15 09:51	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\com.adobe.ExMan
2010-04-15 06:39 . 2010-04-15 06:39	--------	d-----w-	c:\programdata\FLEXnet
2010-04-15 06:34 . 2009-10-22 09:27	--------	d-----w-	c:\program files\Common Files\Adobe
2010-04-15 06:31 . 2010-04-15 06:31	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-04-15 06:29 . 2010-04-15 06:29	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2010-04-14 08:11 . 2010-03-05 17:04	128520	----a-w-	c:\users\Jara1\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-14 07:12 . 2009-08-05 19:56	505128	----a-w-	c:\windows\system32\msvcp71.dll
2010-04-14 07:12 . 2009-08-05 19:56	353576	----a-w-	c:\windows\system32\msvcr71.dll
2010-04-13 14:13 . 2010-04-13 14:13	--------	d-----w-	c:\program files\COMODO
2010-04-10 03:48 . 2010-04-10 03:48	680509	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\ABBYY PDF Transformer 2_0_UIBak\C\Program Files\ABBYY PDF Transformer 2.0\PDF X-Change\unins000.exe
2010-04-10 03:48 . 2010-04-10 03:48	69632	----a-r-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\ABBYY PDF Transformer 2_0_UIBak\C\Windows\Installer\{FA200000-0001-0000-0000-074957833700}\ICON_PDFTransformer.exe
2010-04-10 03:48 . 2010-04-10 03:48	77824	----a-r-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\ABBYY PDF Transformer 2_0_UIBak\C\Windows\Installer\{FA200000-0001-0000-0000-074957833700}\ICON_PDFCreator.exe
2010-04-10 03:48 . 2010-04-10 03:48	69632	----a-r-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\ABBYY PDF Transformer 2_0_UIBak\C\Windows\Installer\{FA200000-0001-0000-0000-074957833700}\ARPPRODUCTICON.exe
2010-04-09 18:17 . 2010-04-09 18:17	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Softland
2010-04-09 18:17 . 2010-04-09 18:17	--------	d-----w-	c:\program files\Softland
2010-04-07 11:40 . 2010-03-01 11:13	--------	d-----w-	c:\program files\IObit
2010-04-07 11:32 . 2010-03-01 12:39	--------	d-----w-	c:\programdata\IObit
2010-04-04 15:47 . 2010-01-30 20:36	--------	d-----w-	c:\programdata\Agnitum
2010-04-04 15:25 . 2010-03-09 10:30	--------	d-----w-	c:\programdata\ashampoo
2010-04-02 11:39 . 2010-04-02 11:38	--------	d-----w-	c:\programdata\WinZip
2010-04-02 02:50 . 2010-04-02 02:50	--------	d-----w-	c:\program files\Common Files\Java
2010-04-01 17:09 . 2010-04-01 17:09	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Malwarebytes
2010-04-01 17:08 . 2010-04-01 17:08	--------	d-----w-	c:\programdata\Malwarebytes
2010-03-29 07:17 . 2010-03-29 07:15	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\Corel
2010-03-29 07:17 . 2010-03-29 07:17	8	--sh--r-	c:\programdata\70BFA2D6CE.sys
2010-03-29 07:17 . 2010-03-29 07:17	8	--sh--r-	c:\programdata\70BFA2D6CE.sys
2010-03-29 07:11 . 2010-03-29 07:11	--------	d-----w-	c:\programdata\Corel
2010-03-29 07:11 . 2010-03-29 07:11	--------	d-----w-	c:\program files\Common Files\Protexis
2010-03-29 07:10 . 2010-03-29 07:10	--------	d-----w-	c:\program files\Common Files\Corel
2010-03-29 07:10 . 2010-03-29 07:10	--------	d-----w-	c:\program files\Corel
2010-03-28 17:12 . 2010-03-28 17:03	--------	d-----w-	c:\program files\ESET
2010-03-23 07:26 . 2010-03-19 21:02	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\AVI ReComp
2010-03-23 07:26 . 2010-03-23 07:24	--------	d-----w-	c:\program files\AVI ReComp
2010-03-23 07:26 . 2010-02-20 17:16	--------	d-----w-	c:\program files\Gabest
2010-03-23 07:25 . 2010-03-23 07:25	--------	d-----w-	c:\program files\Xvid
2010-03-23 07:25 . 2010-03-23 07:25	--------	d-----w-	c:\program files\AviSynth 2.5
2010-03-23 02:38 . 2009-08-05 20:52	--------	d-----w-	c:\programdata\P4G
2010-03-23 02:38 . 2010-03-22 14:34	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\HEXelon
2010-03-22 14:53 . 2010-03-22 14:45	--------	d-----w-	c:\users\JARA_2\AppData\Roaming\XnView
2010-03-10 14:17 . 2010-03-10 13:51	305	----a-w-	c:\windows\system32\secushr.dat
2010-03-10 09:36 . 2010-05-16 18:20	217032	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Windows\System32\drivers\PCTCore.sys
2010-03-08 21:33 . 2010-04-14 01:46	427520	----a-w-	c:\windows\system32\vbscript.dll
2010-03-06 20:50 . 2010-03-06 20:50	74328	----a-w-	c:\windows\system32\drivers\inspect.sys
2010-03-05 12:29 . 2010-05-16 18:20	432080	----a-w-	c:\programdata\ashampoo\Ashampoo UnInstaller 4\Backup\Spyware Doctor 7_0_UIBak\C\Program Files\Spyware Doctor\NetworkLayer\PluginDllSG.dll
2010-03-01 15:31 . 2010-03-01 15:31	56	---ha-w-	c:\programdata\ezsidmv.dat
2010-03-01 08:57 . 2010-03-01 08:58	509552	----a-w-	c:\programdata\Google\Google Toolbar\Update\gtb6D29.tmp.exe
2010-02-27 12:07 . 2010-04-14 01:46	3954568	----a-w-	c:\windows\system32\ntkrnlpa.exe
2010-02-27 12:07 . 2010-04-14 01:46	3899280	----a-w-	c:\windows\system32\ntoskrnl.exe
2010-02-27 07:32 . 2010-04-14 01:46	221696	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-02-27 07:32 . 2010-04-14 01:46	95744	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2010-02-27 07:32 . 2010-04-14 01:46	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-02-26 04:41 . 2010-02-26 04:41	41312	----a-w-	c:\windows\system32\drivers\epfwwfp.sys
2010-02-26 04:41 . 2010-02-26 04:41	32584	----a-w-	c:\windows\system32\drivers\epfwndis.sys
2010-02-26 04:41 . 2010-02-26 04:41	134488	----a-w-	c:\windows\system32\drivers\epfw.sys
2010-02-26 04:41 . 2010-02-26 04:41	114984	----a-w-	c:\windows\system32\drivers\ehdrv.sys
2010-02-26 04:39 . 2010-02-26 04:39	133512	----a-w-	c:\windows\system32\drivers\eamonm.sys
2010-02-23 07:56 . 2010-03-31 03:23	977920	----a-w-	c:\windows\system32\wininet.dll
2009-04-08 09:31 . 2009-04-08 09:31	106496	----a-w-	c:\program files\Common Files\CPInstallAction.dll
2008-08-11 20:45 . 2008-08-11 20:45	155648	----a-w-	c:\program files\Common Files\MSIactionall.dll
2008-05-22 07:35 . 2008-05-22 07:35	51962	----a-w-	c:\program files\Common Files\banner.jpg
2007-06-12 08:34 . 2007-06-12 08:34	35822	----a-w-	c:\program files\Common Files\ASPG_icon.ico
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"UIWatcher"="c:\program files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe" [2010-01-04 2530648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-02-26 2140880]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2009-12-10 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0crcnat.exe

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
2009-06-24 11:30	272952	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
2009-08-05 20:54	47672	----a-w-	c:\windows\AsScrProlog.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSTPE]
2007-10-12 04:44	106496	----a-w-	c:\windows\System32\ASUSTPE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
2009-08-19 19:31	170624	----a-w-	c:\program files\ASUS\ATK Media\DMedia.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
2009-08-17 08:58	6859392	----a-w-	c:\program files\ASUS\ATKOSD2\ATKOSD2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44	31072	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
2009-06-19 09:29	105016	----a-w-	c:\program files\ASUS\ATK Hotkey\HControlUser.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2010-04-29 13:39	437584	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2010-03-26 08:52	1234216	----a-w-	c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-07-16 11:00	6253088	----a-w-	c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2008-07-16 11:01	1833504	----a-w-	c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-08-29 16:11	61440	----a-w-	c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-08-05 20:01	39408	----a-w-	c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2007-12-06 10:12	1029416	----a-w-	c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 136176]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
R3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-19 1343400]
R4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\IS360srv.exe [2009-12-24 311568]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 MDES;DVM Meta Data Export Service;c:\asus.sys\DVMExportService.exe [2008-10-21 307200]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 SiSGbeLH;SiS191/SiS190  ovlada NDIS 6.0 zazen st Ethernet;c:\windows\system32\DRIVERS\SiSGB6.sys [2009-07-13 48128]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]


--- Ostatní služby/ovladače v paměti ---

*Deregistered* - cmdGuard
*Deregistered* - cmdHlp
*Deregistered* - inspect
*Deregistered* - sp_rsdrv2

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Obsah adresáře 'Naplánované úlohy'

2010-04-23 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2010-04-23 c:\windows\Tasks\At2.job
- c:\windows\system32\Shutdown.exe [2009-07-13 01:14]

2010-05-17 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-04-07 12:11]

2010-05-17 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2010-04-07 12:54]

2010-05-18 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-04-07 11:38]

2010-05-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 16:51]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-06 16:51]

2009-11-25 c:\windows\Tasks\User_Feed_Synchronization-{98EEE44C-6E55-4FD8-900C-1E4FAB2CF1F0}.job
- c:\windows\system32\msfeedssync.exe [2009-07-13 01:14]

2009-11-02 c:\windows\Tasks\Wise Registry Cleaner 4.job
- c:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-12-17 22:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.speedbit.com/?aff=105
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Prevst cl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Prevst cl vazby do existujcho PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Prevst do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Pridat do stvajcho PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Stahnou vse FlashGet3
IE: Stahnout FlashGet3
IE: WikiKomente Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
Trusted Zone: kuaiche.com\software
TCP: {30DF29B2-9651-40C4-B658-E5BE739701EB} = 10.0.0.138
FF - ProfilePath - c:\users\JARA_2\AppData\Roaming\Mozilla\Firefox\Profiles\zfsqyflc.default\
FF - prefs.js: browser.search.selectedEngine - Slunečnice
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://home.speedbit.com/search.aspx?aff=106&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,dc,de,4f,be,27,a0,4a,9a,1d,d9,\

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5408)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
Celkový čas: 2010-05-19  15:14:21
ComboFix-quarantined-files.txt  2010-05-19 13:14
ComboFix2.txt  2010-04-09 02:33
ComboFix3.txt  2010-03-25 16:34
ComboFix4.txt  2010-03-04 20:22
ComboFix5.txt  2010-05-19 13:01

Před spuštěním: Volných bajtů: 164141490176
Po spuštění: Volných bajtů: 164079755264

- - End Of File - - 65D2FA499882A94D1B2E8AEDEDBA72CE
