
Request for help removing a virus from FB

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38


#1 Post by Jarda63 »

Hello, I am asking for help removing the virus from FB that you write about in your article.
Thank you very much in advance, J. Nosek

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-07-29 13:34:28
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 184 MB (0%) free of 50 GB
Total RAM: 1790 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:34:39, on 29.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Replay Media Catcher\FLVSrvc.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\update.tray-12-0\svchost.exe
C:\WINDOWS\update.tray-7-0\svchost.exe
C:\WINDOWS\update.tray-2-0\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Cucku\Cucku Backup\CuckuSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\update.5.0\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\update.1\svchost.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\DCMessages.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\update.tray-2-0-lnk\svchost.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\ufa\ufa.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - *{95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - *{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - *{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
R3 - URLSearchHook: (no name) - *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: (no name) - *{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - (no file)
R3 - URLSearchHook: (no name) - *{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DVDVideoSoftTB - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\prxtbDVD0.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\prxtbDVD0.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Ask and Record FLV Service] "C:\Program Files\Replay Media Catcher\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [DocCreatorClient] "C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [4249244.exe] "C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\4249244.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [1142503.exe] "C:\WINDOWS\TEMP\1142503.exe"
O4 - HKLM\..\Run: [8719607-loader2.exe] "C:\WINDOWS\TEMP\8719607-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [systemup] "C:\WINDOWS\systemup.exe" stand
O4 - HKLM\..\Run: [9585967.exe] "C:\WINDOWS\TEMP\9585967.exe"
O4 - HKLM\..\Run: [5739823.exe] "C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\5739823.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [tray_ico1] C:\WINDOWS\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico2] C:\WINDOWS\update.tray-2-0\svchost.exe
O4 - HKLM\..\Run: [4187042.exe] "C:\WINDOWS\TEMP\4187042.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Local Website Archive - C:\Documents and Settings\Uživatel\Data aplikací\aignes\Local Website Archive\config\iearc.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Start Local Website Archive - {24593385-E620-4477-B330-352715AD5272} - C:\Program Files\Local Website Archive\wsarc.exe (HKCU)
O9 - Extra button: Add to Local Website Archive - {31709507-3A3F-4142-8477-E71F31B93BB4} - C:\Program Files\Local Website Archive\wsarc_add.exe (HKCU)
O9 - Extra button: (no name) - {577B7613-E95C-4D5D-A6D0-5749BC820C7F} - C:\Program Files\Local Website Archive\wsarc_add.exe (HKCU)
O9 - Extra 'Tools' menuitem: Add to Local Website Archive - {577B7613-E95C-4D5D-A6D0-5749BC820C7F} - C:\Program Files\Local Website Archive\wsarc_add.exe (HKCU)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/softwa ... Plugin.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Cucku Backup (CuckuSrv) - Cucku, Inc - C:\Program Files\Cucku\Cucku Backup\CuckuSrv.exe
O23 - Service: DCMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\DCMessages.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: srvbtcclient - Unknown owner - C:\WINDOWS\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe (file missing)
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: wxpdrivers - Unknown owner - C:\WINDOWS\update.1\svchost.exe

--
End of file - 19849 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-1960408961-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-606747145-1960408961-725345543-1004UA.job
C:\WINDOWS\tasks\Norton Security Scan for Uživatel.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "extensions.enabledItems" - "xmlfiller@software602.cz:3.16.2, toolbar@ask.com:3.8.0.99999, DTToolbar@toolbarnet.com:1.0.7.0088, dealio@mybrowserbar.com:4.4, {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6, fdm_ffext@freedownloadmanager.org:1.3.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {d51d388b-f5dc-471a-a1ce-5e2d671091c0}:2.7.2.0, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3, avg@igeared:3.011.025.005, wtxpcom@mybrowserbar.com:4.4, iobit@mybrowserbar.com:4.4, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, firefox@bandoo.com:5.0, plugin2@gameplaylabs.com:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =867034&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npfiller.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\extensions\
engine@conduit.com
firefox@bandoo.com
plugin2@gameplaylabs.com
toolbar@ask.com
xmlfiller@software602.cz
{20a82645-c095-46ed-80e3-08825760534b}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{d51d388b-f5dc-471a-a1ce-5e2d671091c0}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qipsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-28 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll [2011-06-24 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-02-12 119808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\GamePlayLabs Plugin\BHO.dll [2011-03-08 432640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}]
myBabylon English Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-06-18 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoft\prxtbDVD0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}]
BandooIEPlugin Class - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll [2011-01-13 2444688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-28 501056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} -
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoft\prxtbDVD0.dll [2011-01-17 175912]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll [2011-06-24 734048]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2006-11-24 487424]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-08-26 16851456]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"Ask and Record FLV Service"=C:\Program Files\Replay Media Catcher\FLVSrvc.exe [2009-09-22 156672]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-06-24 534880]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"DocCreatorClient"=C:\Program Files\Global Graphics\gDoc\DocCreatorClient.exe [2009-11-24 292248]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"wxpdrv"=C:\WINDOWS\services32.exe [2011-07-24 1185792]
"tray_ico0"=C:\WINDOWS\update.tray-12-0\svchost.exe [2011-07-24 1185792]
"4249244.exe"=C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\4249244.exe [2011-07-24 247296]
"sysdriver32.exe"=C:\WINDOWS\sysdriver32.exe rezerv []
"sysdriver32_.exe"=C:\WINDOWS\sysdriver32_.exe rezerv []
"1142503.exe"=C:\WINDOWS\TEMP\1142503.exe [2011-07-24 247296]
"8719607-loader2.exe"=C:\WINDOWS\TEMP\8719607-loader2.exe [2011-07-24 247296]
"l1rezerv.exe"=C:\WINDOWS\l1rezerv.exe []
"systemup"=C:\WINDOWS\systemup.exe stand []
"9585967.exe"=C:\WINDOWS\TEMP\9585967.exe [2011-07-24 247296]
"5739823.exe"=C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\5739823.exe [2011-07-24 247296]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []
"tray_ico"= []
"tray_ico1"=C:\WINDOWS\update.tray-7-0\svchost.exe [2011-07-24 1185792]
"tray_ico2"=C:\WINDOWS\update.tray-2-0\svchost.exe [2011-07-24 1185792]
"tray_ico3"= []
"tray_ico4"= []
"4187042.exe"=C:\WINDOWS\TEMP\4187042.exe [2011-07-25 256000]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-03-29 136176]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-07-29 95576]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-06-29 124216]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files\eMule\emule.exe -AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fsm]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cucku Backup.lnk]
C:\PROGRA~1\Cucku\CUCKUB~1\Cucku.exe [2009-07-25 382256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\bandoo\bndhook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-25 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-23 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x5F000000
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe"="C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe:*:Enabled:WF LiveUpdate Application"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"D:\GAMES\Warcraft III\Warcraft III.exe"="D:\GAMES\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"D:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\Cucku\Cucku Backup\Cucku.exe"="C:\Program Files\Cucku\Cucku Backup\Cucku.exe:*:Enabled:Cucku Backup"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"D:\Program Files\QIP Infium\infium.exe"="D:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\WINDOWS\services32.exe"="C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"D:\Downloads\Flash-Player.exe"="D:\Downloads\Flash-Player.exe:*:Enabled:D:\Downloads\Flash-Player.exe"
"C:\WINDOWS\update.tray-12-0\svchost.exe"="C:\WINDOWS\update.tray-12-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-12-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\WINDOWS\update.2\svchost.exe:*:Enabled:C:\WINDOWS\update.2\svchost.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.divxa32"=msaud32_divx.acm
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.ctmp3"=C:\WINDOWS\system32\ctmp3.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"vidc.dvsd"=dvc.dll
"VIDC.VQC6"=V2210dec.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=ctwdm32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2011-07-29 13:34:28 ----D---- C:\rsit
2011-07-29 13:34:28 ----D---- C:\Program Files\trend micro
2011-07-29 13:16:58 ----HD---- C:\WINDOWS\update.tray-2-0-lnk
2011-07-29 13:16:58 ----HD---- C:\WINDOWS\update.tray-2-0
2011-07-28 09:03:40 ----D---- C:\Program Files\FreeSwiftAntiVirus
2011-07-28 09:03:06 ----A---- C:\ioY.ini
2011-07-27 11:23:39 ----A---- C:\Zástupce - Jednotka CD-ROM.lnk
2011-07-26 18:10:15 ----A---- C:\WINDOWS\system32\lsdelete.exe
2011-07-24 08:43:44 ----HD---- C:\WINDOWS\update.tray-7-0-lnk
2011-07-24 08:43:44 ----HD---- C:\WINDOWS\update.tray-7-0
2011-07-24 08:37:20 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-24 08:37:19 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-24 08:37:18 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-24 08:37:17 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-24 08:37:17 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-24 08:37:16 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-24 08:37:16 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-24 08:37:16 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-24 08:37:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-24 08:37:02 ----A---- C:\WINDOWS\avastSS.scr
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-07-24 00:40:17 ----D---- C:\ATI
2011-07-24 00:35:21 ----D---- C:\WINDOWS\ufa
2011-07-24 00:35:21 ----D---- C:\WINDOWS\rpcminer
2011-07-24 00:35:21 ----D---- C:\WINDOWS\phoenix
2011-07-24 00:33:49 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-24 00:33:37 ----A---- C:\WINDOWS\ddh_iplist.txt
2011-07-24 00:32:38 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-24 00:32:12 ----HD---- C:\WINDOWS\update.5.0
2011-07-24 00:31:39 ----A---- C:\WINDOWS\unrar.exe
2011-07-24 00:30:50 ----HD---- C:\WINDOWS\update.2
2011-07-24 00:29:57 ----A---- C:\WINDOWS\iplist.txt
2011-07-24 00:23:26 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-24 00:23:21 ----D---- C:\WINDOWS\av_ico
2011-07-24 00:21:44 ----HD---- C:\WINDOWS\update.1
2011-07-24 00:20:59 ----HD---- C:\WINDOWS\update.tray-12-0-lnk
2011-07-24 00:20:59 ----HD---- C:\WINDOWS\update.tray-12-0
2011-07-24 00:09:55 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-24 00:09:55 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-24 00:09:49 ----A---- C:\WINDOWS\services32.exe
2011-07-16 02:59:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-16 02:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-15 20:29:02 ----D---- C:\Program Files\IObit Toolbar
2011-07-07 19:24:40 ----A---- C:\WINDOWS\fonts\WING32.DLL
2011-07-07 19:24:34 ----D---- C:\Program Files\BSP Multimedia
2011-07-05 17:42:56 ----A---- C:\WINDOWS\system32\drivers\wceusbsh.sys
2011-07-05 15:57:33 ----D---- C:\Program Files\FDRLab
2011-07-04 07:46:43 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Registry Mechanic
2011-07-04 07:44:16 ----D---- C:\Program Files\Registry Mechanic

======List of files/folders modified in the last 1 month======

2011-07-29 13:34:28 ----RD---- C:\Program Files
2011-07-29 13:34:21 ----D---- C:\Program Files\Mozilla Firefox
2011-07-29 13:22:07 ----D---- C:\WINDOWS\Temp
2011-07-29 13:20:59 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-29 13:20:39 ----SD---- C:\WINDOWS\Tasks
2011-07-29 13:20:37 ----D---- C:\WINDOWS
2011-07-29 13:20:05 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2011-07-29 13:17:13 ----A---- C:\boot.ini
2011-07-29 13:14:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-29 13:13:47 ----HD---- C:\Config.Msi
2011-07-29 13:13:43 ----SHD---- C:\WINDOWS\Installer
2011-07-29 13:13:37 ----HD---- C:\WINDOWS\inf
2011-07-29 13:13:37 ----D---- C:\WINDOWS\system32\drivers
2011-07-28 09:07:14 ----D---- C:\WINDOWS\Prefetch
2011-07-28 07:55:26 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
2011-07-27 23:15:21 ----D---- C:\WINDOWS\system32
2011-07-27 23:12:24 ----D---- C:\Program Files\eMule
2011-07-27 15:00:22 ----D---- C:\WINDOWS\system32\Restore
2011-07-27 13:43:24 ----D---- C:\WINDOWS\WinSxS
2011-07-27 13:27:20 ----SD---- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
2011-07-26 17:58:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-07-24 08:48:38 ----RD---- C:\Program Files\Skype
2011-07-24 08:48:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-07-24 08:48:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-24 08:06:56 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\go
2011-07-24 07:46:57 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\PriceGong
2011-07-24 01:01:18 ----D---- C:\Program Files\Ask.com
2011-07-24 00:51:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-24 00:51:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-07-24 00:51:05 ----D---- C:\Program Files\ATI Technologies
2011-07-24 00:50:59 ----D---- C:\Program Files\ATI
2011-07-24 00:33:58 ----SHD---- C:\System Volume Information
2011-07-24 00:31:14 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-24 00:22:49 ----D---- C:\WINDOWS\system32\drivers\Avg
2011-07-23 08:52:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-21 23:10:49 ----D---- C:\WINDOWS\Debug
2011-07-21 16:49:35 ----D---- C:\temp
2011-07-16 02:55:20 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-15 20:30:12 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-15 20:29:03 ----D---- C:\Program Files\Application Updater
2011-07-07 19:24:40 ----RSD---- C:\WINDOWS\Fonts
2011-07-07 19:24:34 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 10:18:07 ----D---- C:\Program Files\Common Files
2011-07-04 07:47:20 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-07-03 22:14:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-07-03 22:14:12 ----D---- C:\Program Files\DivX
2011-06-30 07:13:42 ----D---- C:\Program Files\ICQ7.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-06-20 64512]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-05 691696]
R0 TPkd;TPkd; C:\WINDOWS\system32\drivers\TPkd.sys [2001-05-30 57600]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-23 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-23 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-02 108552]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-07 278984]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2003-07-29 40448]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-07 25416]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-25 6554624]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vacs2xkd.sys [2007-11-01 42880]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4754432]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 PhilCap;WinFast PxDTV2300 H service; C:\WINDOWS\system32\DRIVERS\PhilCap.sys [2008-10-31 922496]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-08-26 3684352]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 ade300i9;ade300i9; C:\WINDOWS\system32\drivers\ade300i9.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 V2210VID;DigitalCam Pro; C:\WINDOWS\system32\DRIVERS\V2210vid.sys [2002-10-31 434368]
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\W700bus.sys [2009-05-20 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\W700mdfl.sys [2009-05-20 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\W700mdm.sys [2009-05-20 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\W700mgmt.sys [2009-05-20 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\W700obex.sys [2009-05-20 86368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-06-24 393112]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-25 643072]
R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2011-01-13 1960336]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
R2 CuckuSrv;Cucku Backup; C:\Program Files\Cucku\Cucku Backup\CuckuSrv.exe [2009-07-25 63280]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 821080]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 srvbtcclient;srvbtcclient; C:\WINDOWS\update.5.0\svchost.exe [2011-07-26 348672]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 wxpdrivers;wxpdrivers; C:\WINDOWS\update.1\svchost.exe [2011-07-24 1185792]
R3 DCMessages;DCMessages; C:\WINDOWS\system32\DCMessages.exe [2009-11-24 99720]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-28 593920]
S2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe []
S2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe []
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-29 136176]
S2 srviecheck;srviecheck; C:\WINDOWS\update.2\svchost.exe srv []
S2 srvsysdriver32;srvsysdriver32; C:\WINDOWS\sysdriver32.exe srv []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-29 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#2 Post by Roli »

Hi, fix these in HJT:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: (no name) - *{95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - *{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - *{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
R3 - URLSearchHook: (no name) - *{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
R3 - URLSearchHook: (no name) - *{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - (no file)
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - (no file)
R3 - URLSearchHook: (no name) - *{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files\Bandoo\Plugins\IE\ieplugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: myBabylon English Toolbar - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.5\iobitToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (file missing)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [4249244.exe] "C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\4249244.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\WINDOWS\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\WINDOWS\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [1142503.exe] "C:\WINDOWS\TEMP\1142503.exe"
O4 - HKLM\..\Run: [8719607-loader2.exe] "C:\WINDOWS\TEMP\8719607-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\WINDOWS\l1rezerv.exe"
O4 - HKLM\..\Run: [systemup] "C:\WINDOWS\systemup.exe" stand
O4 - HKLM\..\Run: [9585967.exe] "C:\WINDOWS\TEMP\9585967.exe"
O4 - HKLM\..\Run: [5739823.exe] "C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\5739823.exe"
O4 - HKLM\..\Run: [tray_ico1] C:\WINDOWS\update.tray-7-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico2] C:\WINDOWS\update.tray-2-0\svchost.exe
O4 - HKLM\..\Run: [4187042.exe] "C:\WINDOWS\TEMP\4187042.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe (file missing)
O23 - Service: srvsysdriver32 - Unknown owner - C:\WINDOWS\sysdriver32.exe (file missing)


You will find HJT here:

C:\Program Files\trend micro\Uživatel.exe

Fix means that you run HJT,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a box, which you tick,

then click Fix checked at the bottom left,

the program will ask whether you really want to; you of course agree with YES, and it is done.


Go to Start >> Run >> type services.msc >> OK. Find the service:

Nero BackItUp Scheduler 4.0

srvbtcclient

wxpdrivers


right-click it, choose Properties, on the next tab first stop the service with the Stop button, and under Startup type choose Disabled.


Next, it would be good to decide which antivirus you want to use, because for my taste you have rather too many of them there.


Personally, I would go about it like this:


via Start >> Control Panel >> Add or Remove Programs, uninstall NOD32, Advanced SystemCare 4, AVG and ICQ6Toolbar


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
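
Added example, not part of the original post or of any tool named in the thread: a small Python triage of HijackThis O4 (Run) and O23 (service) lines like those listed in the reply above. It flags svchost.exe outside system32, autostarts from a Temp directory, and services whose binary is missing. The sample lines are copied from that list; the function names and the three rules are assumptions made for this illustration.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: lines copied from the HijackThis list in the reply above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [wxpdrv] C:\WINDOWS\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\WINDOWS\update.tray-12-0\svchost.exe
O4 - HKLM\..\Run: [1142503.exe] "C:\WINDOWS\TEMP\1142503.exe"
O4 - HKLM\..\Run: [4249244.exe] "C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\4249244.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O23 - Service: srviecheck - Unknown owner - C:\WINDOWS\update.2\svchost.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
"""

# O4 = autostart (Run key) entries, O23 = Windows services.
O4_RE = re.compile(r"^O4 - (?P<hive>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+?)"
    r"(?P<missing> \(file missing\))?$"
)
SYSTEM32 = r"c:\windows\system32"


def exe_from_command(cmd):
    """Return the executable path from a Run value, dropping its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted value: take everything up to the first ".exe".
    m = re.match(r"(.+?\.exe)\b", cmd, re.IGNORECASE)
    return m.group(1) if m else cmd


def reasons_for(path, missing=False):
    """Apply the three illustrative rules to one executable path."""
    p = PureWindowsPath(path)
    parents = [part.lower() for part in p.parts[:-1]]
    reasons = []
    # The genuine svchost.exe lives only in %SystemRoot%\System32.
    if p.name.lower() == "svchost.exe" and str(p.parent).lower() != SYSTEM32:
        reasons.append("svchost.exe outside system32")
    if "temp" in parents:
        reasons.append("autostart from a Temp directory")
    if missing:
        reasons.append("binary missing (orphaned entry)")
    return reasons


def triage(log_text):
    """Return (section, name, path, reasons) for every flagged O4/O23 line."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = O4_RE.match(line)
        if m:
            section, name = "O4", m.group("name")
            path, missing = exe_from_command(m.group("cmd")), False
        else:
            m = O23_RE.match(line)
            if not m:
                continue  # other HijackThis sections are out of scope here
            section, name = "O23", m.group("name")
            path = m.group("path")
            missing = m.group("missing") is not None
        reasons = reasons_for(path, missing)
        if reasons:
            findings.append((section, name, path, reasons))
    return findings


if __name__ == "__main__":
    for section, name, path, reasons in triage(SAMPLE_LOG):
        print(f"{section} {name}: {path} -> {'; '.join(reasons)}")
```

None of the three rules fires on C:\WINDOWS\services32.exe, which the Malwarebytes log later in the thread reports as Trojan.Dropper, so path heuristics like these complement a signature scan rather than replace it.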

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#3 Post by Jarda63 »

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

29.7.2011 15:41:48
mbam-log-2011-07-29 (15-41-38).txt

Typ: Rychlá kontrola
Kontrolované objekty: 178758
Uplynulý čas: 2 minut, 56 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 14
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 9

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{CDC73256-A88D-4642-844E-A8F20B76789C} (Adware.Softomate) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{D1063603-F045-475F-AFBC-8CBA7D5797FB} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SRVSYSDRIVER32 (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\NVIDIA driver monitor (Backdoor.Agent) -> Value: NVIDIA driver monitor -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\documents and settings\all users\data aplikací\HotbarSA (Adware.Hotbar) -> No action taken.

Infikované soubory:
c:\WINDOWS\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\services32.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\all users\data aplikací\HotbarSA\HotbarSA.dat (Adware.Hotbar) -> No action taken.
c:\documents and settings\all users\data aplikací\HotbarSA\hotbarsaabout.mht (Adware.Hotbar) -> No action taken.
c:\documents and settings\all users\data aplikací\HotbarSA\hotbarsaau.dat (Adware.Hotbar) -> No action taken.
c:\documents and settings\all users\data aplikací\HotbarSA\hotbarsaeula.mht (Adware.Hotbar) -> No action taken.
c:\documents and settings\all users\data aplikací\HotbarSA\hotbarsa_hpk.dat (Adware.Hotbar) -> No action taken.
c:\documents and settings\all users\data aplikací\HotbarSA\hotbarsa_kyf.dat (Adware.Hotbar) -> No action taken.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#4 Post by Roli »

Have Mbam delete everything it found.

Now we will use a bigger calibre, so read carefully, because this little program does not tolerate mistakes.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the licence terms will then appear, which you confirm by clicking YES,

then click YES once more and it is running.

The whole run takes around 10 minutes but can take longer; do not try to start anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because Combofix tries to delete the infected files and these programs can get in its way.

After the scan finishes or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#5 Post by Jarda63 »

ComboFix 11-07-29.03 - Uživatel 29.07.2011 22:43:35.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1790.963 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\iun6002.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\win32.dll
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
C:\wmcodec_update.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_WXPDRIVERS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-29 )))))))))))))))))))))))))))))))
.
.
2011-07-29 13:26 . 2011-07-29 13:26 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2011-07-29 13:26 . 2011-07-29 13:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-29 13:26 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-29 13:26 . 2011-07-29 13:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-29 13:26 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-29 13:16 . 2011-07-29 13:16 -------- d-----w- c:\program files\CCleaner
2011-07-29 11:34 . 2011-07-29 12:59 -------- d-----w- c:\program files\trend micro
2011-07-29 11:34 . 2011-07-29 11:35 -------- d-----w- C:\rsit
2011-07-29 11:16 . 2011-07-29 11:16 -------- d--h--w- c:\windows\update.tray-2-0
2011-07-29 11:16 . 2011-07-29 11:16 -------- d--h--w- c:\windows\update.tray-2-0-lnk
2011-07-28 07:04 . 2011-07-28 07:04 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\AppZilla_Software
2011-07-28 07:03 . 2011-07-29 20:40 -------- d-----w- c:\program files\FreeSwiftAntiVirus
2011-07-26 16:10 . 2011-06-20 15:48 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-24 06:43 . 2011-07-27 11:47 -------- d--h--w- c:\windows\update.tray-7-0
2011-07-24 06:43 . 2011-07-24 06:43 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-07-24 06:37 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-24 06:37 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-24 06:37 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-24 06:37 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-24 06:37 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-24 06:37 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-24 06:37 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-24 06:37 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-24 06:37 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-24 06:37 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-23 22:51 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-07-23 22:51 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-07-23 22:51 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-07-23 22:51 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-07-23 22:51 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-07-23 22:51 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-23 22:51 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-07-23 22:50 . 2011-07-23 22:50 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\ATI
2011-07-23 22:50 . 2011-07-23 22:50 -------- d-----w- c:\documents and settings\Default User\Data aplikací\ATI
2011-07-23 22:40 . 2011-07-23 22:40 -------- d-----w- C:\ATI
2011-07-23 22:35 . 2011-07-23 22:35 -------- d-----w- c:\windows\ufa
2011-07-23 22:31 . 2011-07-23 22:35 246272 ----a-w- c:\windows\unrar.exe
2011-07-23 22:23 . 2011-07-24 06:45 -------- d-----w- c:\windows\av_ico
2011-07-23 22:20 . 2011-07-27 11:47 -------- d--h--w- c:\windows\update.tray-12-0
2011-07-23 22:20 . 2011-07-23 22:20 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-07-23 22:09 . 2011-07-23 22:09 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-07-15 18:29 . 2011-07-15 18:29 -------- d-----w- c:\program files\IObit Toolbar
2011-07-07 17:24 . 2011-07-07 17:24 -------- d-----w- c:\program files\BSP Multimedia
2011-07-05 15:42 . 2008-04-14 05:43 31744 ----a-w- c:\windows\system32\drivers\wceusbsh.sys
2011-07-05 13:57 . 2011-07-05 13:57 -------- d-----w- c:\program files\FDRLab
2011-07-04 05:46 . 2011-07-04 05:46 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Registry Mechanic
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-02 17:48 . 2011-06-20 15:49 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-20 08:31 . 2011-06-20 15:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-06-13 06:07 . 2011-05-19 18:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-05-25 04:21 . 2008-10-28 19:11 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 04:15 . 2009-04-03 06:37 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-05-25 03:47 . 2008-10-28 18:11 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:14 . 2008-10-28 17:58 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 03:05 . 2008-10-28 17:18 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-05-25 02:58 . 2008-10-28 17:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:56 . 2009-04-03 06:37 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 02:55 . 2008-10-28 18:22 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-10-28 17:41 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:39 . 2008-10-28 18:11 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 02:39 . 2008-10-28 18:11 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 02:39 . 2008-10-28 18:11 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-05-25 02:39 . 2008-10-28 18:11 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:38 . 2008-10-28 17:25 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:38 . 2008-10-28 18:10 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-05-25 02:37 . 2008-10-28 18:09 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-05-25 02:36 . 2008-10-28 18:07 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-05-25 02:31 . 2008-10-28 17:21 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-05-25 02:27 . 2008-10-28 17:19 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:27 . 2008-10-28 17:19 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-05-25 02:22 . 2008-10-28 17:12 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-04 02:52 . 2011-06-28 07:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2009-04-21 07:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:32 . 2009-04-03 06:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2009-07-15 08:54 . 2009-11-03 08:00 78823633 ----a-w- c:\program files\band-in-a-box-2006.exe
2011-06-07 22:26 . 2011-06-07 22:26 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cucku Backup.lnk]
backup=c:\windows\pss\Cucku Backup.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
= [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\LiveUpdate\\LiveUpdate.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Cucku\\Cucku Backup\\Cucku.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"d:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"d:\\Downloads\\Flash-Player.exe"=
"c:\\WINDOWS\\update.tray-12-0\\svchost.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20.6.2011 17:42 64512]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.4.2009 18:53 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3.4.2009 10:45 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3.4.2009 10:45 108552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 CuckuSrv;Cucku Backup;c:\program files\Cucku\Cucku Backup\CuckuSrv.exe [25.7.2009 4:31 63280]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [20.6.2011 11:33 821080]
R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM);c:\windows\system32\drivers\vacs2xkd.sys [23.8.2009 0:32 42880]
R3 PhilCap;WinFast PxDTV2300 H service;c:\windows\system32\drivers\PhilCap.sys [8.4.2009 20:22 922496]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.6.2010 21:29 136176]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [23.8.2009 0:32 16512]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [5.3.2011 12:25 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26.6.2010 21:29 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [20.6.2011 10:31 15232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [29.7.2011 15:26 41272]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [6.3.2011 19:58 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [6.3.2011 19:58 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [6.3.2011 19:58 123648]
S3 V2210VID;DigitalCam Pro;c:\windows\system32\drivers\V2210vid.sys [29.10.2009 1:49 434368]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
S4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [24.6.2011 17:30 393112]
S4 DCMessages;DCMessages;c:\windows\system32\DCMessages.exe [30.1.2011 15:37 99720]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [20.6.2011 10:31 2151640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-06-20 11:19]
.
2011-07-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 05:12]
.
2011-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 05:12]
.
2011-07-29 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 15:50]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 84.244.102.11 192.168.1.1
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=DVSV5&o=15012&locale=en_EU&apn_uid=211C47E3-F2E7-4FCD-87E7-AF742A640F08&apn_ptnrs=U9&apn_sauid=F0518B71-AC3A-4928-8F4A-42DF800313E3&apn_dtid=YYY-YYYB8&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
WebBrowser-{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
MSConfigStartUp-eMuleAutoStart - c:\program files\eMule\emule.exe
AddRemove-FreeOCR.net - c:\windows\FreeOCR.net
AddRemove-MusicTime Deluxe - c:\program files\GVOX\MusicTime Deluxe\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-29 22:50
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1288)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-07-29 22:52:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-29 20:52
.
Před spuštěním: 1 534 787 584
Po spuštění: 1 710 968 832
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=AlwaysOff /fastdetect /usepmtimer
.
- - End Of File - - 3B9BCE1BC076F232C55BA0FC75BC6477

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#6 Post by Roli »

If you haven't done so already, move ComboFix to the desktop,

open Notepad,

and copy the script from the following box into it:

KillAll::

File::  
c:\windows\unrar.exe
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

Folder::
c:\windows\update.tray-2-0
c:\windows\update.tray-2-0-lnk
c:\program files\FreeSwiftAntiVirus
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0-lnk
c:\windows\ufa
c:\windows\av_ico
c:\windows\update.tray-12-0
c:\windows\update.tray-12-0-lnk
c:\program files\IObit Toolbar
c:\program files\Ask.com

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Downloads\\Flash-Player.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\update.tray-12-0\\svchost.exe"=-

FireFox::
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?clien ... Y-YYYB8&q=

Save the TXT file you created as CFScript.txt on the desktop.

After saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

After it has been applied, another log will pop up; copy it here.

Warning: after the script is applied and the machine restarts, Windows may fail to start;

in that case restart again while pressing F8, then choose Last Known Good Configuration.

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#7 Post by Jarda63 »

I have a problem: it reports that I have the resident shields of AVG, Avast and ESET NOD turned on. I only managed to turn off Avast. The other antiviruses aren't working, though, so I don't know how to turn them off.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#8 Post by Roli »

Well, there it is; I did tell you that you have several antiviruses crammed in there.

Ignore that message and we'll see what it does.

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#9 Post by Jarda63 »

ComboFix 11-07-29.03 - Uživatel 30.07.2011 17:00:25.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1790.929 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uživatel\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
FILE ::
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\UIVATE~1\LOCALS~1\Temp\9112134.exe
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_32.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\FreeSwiftAntiVirus
c:\program files\FreeSwiftAntiVirus\db\daily.cvd
c:\program files\FreeSwiftAntiVirus\db\main.cvd
c:\program files\FreeSwiftAntiVirus\db\mirrors.dat
c:\program files\FreeSwiftAntiVirus\Images\appl.png
c:\program files\FreeSwiftAntiVirus\Images\appl_h.png
c:\program files\FreeSwiftAntiVirus\Images\exe.png
c:\program files\FreeSwiftAntiVirus\Images\exe_h.png
c:\program files\FreeSwiftAntiVirus\Images\fast.png
c:\program files\FreeSwiftAntiVirus\Images\fast_h.png
c:\program files\FreeSwiftAntiVirus\Images\fullscan.png
c:\program files\FreeSwiftAntiVirus\Images\fullscan_h.png
c:\program files\FreeSwiftAntiVirus\Images\help.png
c:\program files\FreeSwiftAntiVirus\Images\help_h.png
c:\program files\FreeSwiftAntiVirus\Images\intro.PNG
c:\program files\FreeSwiftAntiVirus\Images\memory.png
c:\program files\FreeSwiftAntiVirus\Images\memory_h.png
c:\program files\FreeSwiftAntiVirus\Images\settings.png
c:\program files\FreeSwiftAntiVirus\Images\settings_h.png
c:\program files\FreeSwiftAntiVirus\Images\schedual.png
c:\program files\FreeSwiftAntiVirus\Images\schedual_h.png
c:\program files\FreeSwiftAntiVirus\Images\splash2.PNG
c:\program files\FreeSwiftAntiVirus\Images\Thumbs.db
c:\program files\FreeSwiftAntiVirus\Images\updatedb.png
c:\program files\FreeSwiftAntiVirus\Images\updatedb_h.png
c:\program files\FreeSwiftAntiVirus\tools\register.exe
c:\program files\FreeSwiftAntiVirus\tools\register_y.exe
c:\program files\IObit Toolbar
c:\program files\IObit Toolbar\FF\chrome.manifest
c:\program files\IObit Toolbar\FF\chrome\content\chevron.js
c:\program files\IObit Toolbar\FF\chrome\content\chevron.xul
c:\program files\IObit Toolbar\FF\chrome\content\login.js
c:\program files\IObit Toolbar\FF\chrome\content\login.xul
c:\program files\IObit Toolbar\FF\chrome\content\parser.js
c:\program files\IObit Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\IObit Toolbar\FF\chrome\content\searchbox.js
c:\program files\IObit Toolbar\FF\chrome\content\searchbox.xul
c:\program files\IObit Toolbar\FF\chrome\content\utils.js
c:\program files\IObit Toolbar\FF\chrome\content\widgicomm.js
c:\program files\IObit Toolbar\FF\chrome\content\widgihandling.js
c:\program files\IObit Toolbar\FF\chrome\content\widgichevron.js
c:\program files\IObit Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\IObit Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\IObit Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\IObit Toolbar\FF\chrome\content\widgiui.js
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\IObit Toolbar\FF\chrome\skin\amazon.gif
c:\program files\IObit Toolbar\FF\chrome\skin\ebay.gif
c:\program files\IObit Toolbar\FF\chrome\skin\chevron.gif
c:\program files\IObit Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\IObit Toolbar\FF\chrome\skin\iobit_logo.gif
c:\program files\IObit Toolbar\FF\chrome\skin\iobit_logo_hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-button.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\IObit Toolbar\FF\chrome\skin\searchbox.css
c:\program files\IObit Toolbar\FF\chrome\skin\security.gif
c:\program files\IObit Toolbar\FF\chrome\skin\splitter.gif
c:\program files\IObit Toolbar\FF\chrome\skin\system.gif
c:\program files\IObit Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\IObit Toolbar\FF\install.rdf
c:\program files\IObit Toolbar\IE\4.5\config.ini
c:\program files\IObit Toolbar\Res\amazon.gif
c:\program files\IObit Toolbar\Res\ebay.gif
c:\program files\IObit Toolbar\Res\icon_settings.gif
c:\program files\IObit Toolbar\Res\iobit_logo.gif
c:\program files\IObit Toolbar\Res\iobit_logo_hover.gif
c:\program files\IObit Toolbar\Res\search-button-hover.gif
c:\program files\IObit Toolbar\Res\search-button.gif
c:\program files\IObit Toolbar\Res\search-chevron-hover.gif
c:\program files\IObit Toolbar\Res\search-chevron.gif
c:\program files\IObit Toolbar\Res\search_amazon.gif
c:\program files\IObit Toolbar\Res\search_ebay.gif
c:\program files\IObit Toolbar\Res\search_yahoo.gif
c:\program files\IObit Toolbar\Res\security.gif
c:\program files\IObit Toolbar\Res\system.gif
c:\program files\IObit Toolbar\Res\widgets.xml
c:\program files\IObit Toolbar\WidgiHelper.exe
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\btc_client_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\windows\TEMP\3224990.exe
c:\windows\ufa
c:\windows\ufa.rar
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\update.tray-12-0-lnk
c:\windows\update.tray-12-0-lnk\svchost.exe
c:\windows\update.tray-12-0
c:\windows\update.tray-12-0\svchost.exe
c:\windows\update.tray-2-0-lnk
c:\windows\update.tray-2-0-lnk\svchost.exe
c:\windows\update.tray-2-0
c:\windows\update.tray-2-0\svchost.exe
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0\svchost.exe
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRVBTCCLIENT
-------\Legacy_SRVIECHECK
-------\Legacy_SRVSYSDRIVER32
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-30 )))))))))))))))))))))))))))))))
.
.
2011-07-30 06:31 . 2011-07-30 06:31 -------- d-----w- c:\program files\AVAST Software
2011-07-30 06:31 . 2011-07-30 06:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-07-29 13:26 . 2011-07-29 13:26 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2011-07-29 13:26 . 2011-07-29 13:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-29 13:26 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-29 13:26 . 2011-07-29 13:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-29 13:26 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-29 13:16 . 2011-07-29 13:16 -------- d-----w- c:\program files\CCleaner
2011-07-29 11:34 . 2011-07-29 12:59 -------- d-----w- c:\program files\trend micro
2011-07-29 11:34 . 2011-07-29 11:35 -------- d-----w- C:\rsit
2011-07-28 07:04 . 2011-07-28 07:04 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\AppZilla_Software
2011-07-26 16:10 . 2011-06-20 15:48 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-24 06:37 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-24 06:37 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-24 06:37 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-24 06:37 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-24 06:37 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-24 06:37 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-24 06:37 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-24 06:37 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-24 06:37 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-24 06:37 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-23 22:51 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-07-23 22:51 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-07-23 22:51 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-07-23 22:51 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-07-23 22:51 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-07-23 22:51 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-23 22:51 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-07-23 22:50 . 2011-07-23 22:50 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\ATI
2011-07-23 22:50 . 2011-07-23 22:50 -------- d-----w- c:\documents and settings\Default User\Data aplikací\ATI
2011-07-23 22:40 . 2011-07-23 22:40 -------- d-----w- C:\ATI
2011-07-23 22:09 . 2011-07-23 22:09 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-07-07 17:24 . 2011-07-07 17:24 -------- d-----w- c:\program files\BSP Multimedia
2011-07-05 15:42 . 2008-04-14 05:43 31744 ----a-w- c:\windows\system32\drivers\wceusbsh.sys
2011-07-05 13:57 . 2011-07-05 13:57 -------- d-----w- c:\program files\FDRLab
2011-07-04 05:46 . 2011-07-04 05:46 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Registry Mechanic
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-02 17:48 . 2011-06-20 15:49 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-20 08:31 . 2011-06-20 15:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-06-13 06:07 . 2011-05-19 18:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-05-25 04:21 . 2008-10-28 19:11 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 04:15 . 2009-04-03 06:37 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-05-25 03:47 . 2008-10-28 18:11 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:14 . 2008-10-28 17:58 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 03:05 . 2008-10-28 17:18 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-05-25 02:58 . 2008-10-28 17:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:56 . 2009-04-03 06:37 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 02:55 . 2008-10-28 18:22 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-10-28 17:41 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:39 . 2008-10-28 18:11 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 02:39 . 2008-10-28 18:11 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 02:39 . 2008-10-28 18:11 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-05-25 02:39 . 2008-10-28 18:11 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:38 . 2008-10-28 17:25 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:38 . 2008-10-28 18:10 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-05-25 02:37 . 2008-10-28 18:09 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-05-25 02:36 . 2008-10-28 18:07 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-05-25 02:31 . 2008-10-28 17:21 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-05-25 02:27 . 2008-10-28 17:19 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:27 . 2008-10-28 17:19 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-05-25 02:22 . 2008-10-28 17:12 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-04 02:52 . 2011-06-28 07:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2009-04-21 07:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:32 . 2009-04-03 06:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2009-07-15 08:54 . 2009-11-03 08:00 78823633 ----a-w- c:\program files\band-in-a-box-2006.exe
2011-06-07 22:26 . 2011-06-07 22:26 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.

c:\program files\eMule\Incoming\(CD version) aebersold trumpet book jazz .exe
.
((((((((((((((((((((((((((((( SnapShot@2011-07-29_20.49.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-30 15:09 . 2011-07-30 15:09 16384 c:\windows\temp\Perflib_Perfdata_348.dat
+ 2011-07-30 10:31 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativcoxx.dll
+ 2011-07-30 10:31 . 2011-05-25 02:27 17408 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atitvo32.dll
+ 2011-07-30 10:31 . 2009-06-22 15:34 45056 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIODCLI.exe
+ 2011-07-30 10:31 . 2011-05-25 02:38 64512 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atimpc32.dll
+ 2011-07-30 10:31 . 2011-05-25 02:36 53248 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIDDC.DLL
+ 2011-07-30 10:31 . 2011-05-25 03:53 57344 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\aticalrt.dll
+ 2011-07-30 10:31 . 2011-05-25 03:53 53248 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\aticalcl.dll
+ 2011-07-30 10:31 . 2011-05-25 02:39 26112 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\Ati2mdxx.exe
+ 2011-07-30 10:31 . 2011-05-25 02:58 53248 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2erec.dll
+ 2011-07-30 10:31 . 2011-05-25 02:39 43520 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2edxx.dll
- 2011-07-23 22:50 . 2011-07-23 22:50 10134 c:\windows\Installer\{5ECA5B22-4073-8A6D-2E7E-8F4C39FC4309}\ARPPRODUCTICON.exe
+ 2011-07-30 10:31 . 2011-07-30 10:31 10134 c:\windows\Installer\{5ECA5B22-4073-8A6D-2E7E-8F4C39FC4309}\ARPPRODUCTICON.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-30 10:31 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\ARPPRODUCTICON.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\ARPPRODUCTICON.exe
+ 2011-07-30 10:31 . 2011-05-25 02:39 155648 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\Oemdspif.dll
+ 2011-07-30 10:31 . 2011-05-25 03:07 956160 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativvamv.dll
+ 2011-07-30 10:31 . 2011-05-25 02:51 887724 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativva6x.dat
+ 2011-07-30 10:31 . 2011-05-25 02:39 212992 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atipdlxx.dll
+ 2011-07-30 10:31 . 2011-05-25 03:05 503808 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiok3x2.dll
+ 2011-07-30 10:31 . 2010-08-27 18:32 294912 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIODE.exe
+ 2011-07-30 10:31 . 2011-05-25 02:31 651264 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atikvmag.dll
+ 2011-07-30 10:31 . 2011-05-25 04:15 311296 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiiiexx.dll
+ 2011-07-30 10:31 . 2011-04-20 16:30 233765 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiicdxx.dat
+ 2011-07-30 10:31 . 2011-05-25 02:56 462848 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIDEMGX.dll
+ 2011-07-30 10:31 . 2009-05-11 21:35 118784 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atibtmon.exe
+ 2011-07-30 10:31 . 2011-05-25 02:34 151552 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiapfxx.exe
+ 2011-07-30 10:31 . 2011-05-25 02:27 200704 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiadlxx.dll
+ 2011-07-30 10:31 . 2011-05-25 02:37 643072 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2evxx.exe
+ 2011-07-30 10:31 . 2011-05-25 02:38 188416 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2evxx.dll
+ 2011-07-30 10:31 . 2011-05-25 02:55 302592 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2dvag.dll
+ 2011-07-30 10:31 . 2011-05-25 02:22 856064 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2cqag.dll
+ 2011-07-30 10:31 . 2011-07-30 10:31 438272 c:\windows\Installer\d5517d.msi
+ 2011-07-30 10:31 . 2011-05-25 02:54 3152384 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativvaxx.dll
+ 2011-07-30 10:31 . 2011-05-25 03:42 5922816 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\aticaldd.dll
+ 2011-07-30 10:31 . 2011-05-25 03:14 4059328 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati3duag.dll
+ 2011-07-30 10:31 . 2011-05-25 04:21 6554624 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2mtag.sys
+ 2011-07-30 10:31 . 2011-07-30 10:31 1597440 c:\windows\Installer\d55184.msi
+ 2011-07-30 10:31 . 2011-05-25 03:47 17989632 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atioglxx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"l1rezerv.exe"="c:\windows\l1rezerv.exe" [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cucku Backup.lnk]
backup=c:\windows\pss\Cucku Backup.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
= [X]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\LiveUpdate\\LiveUpdate.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Cucku\\Cucku Backup\\Cucku.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"d:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20.6.2011 17:42 64512]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.4.2009 18:53 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [3.4.2009 10:45 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [3.4.2009 10:45 108552]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 CuckuSrv;Cucku Backup;c:\program files\Cucku\Cucku Backup\CuckuSrv.exe [25.7.2009 4:31 63280]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [20.6.2011 11:33 821080]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [20.6.2011 11:34 140848]
R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM);c:\windows\system32\drivers\vacs2xkd.sys [23.8.2009 0:32 42880]
R3 PhilCap;WinFast PxDTV2300 H service;c:\windows\system32\drivers\PhilCap.sys [8.4.2009 20:22 922496]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.6.2010 21:29 136176]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [23.8.2009 0:32 16512]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [5.3.2011 12:25 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26.6.2010 21:29 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [20.6.2011 10:31 15232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [29.7.2011 15:26 41272]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [6.3.2011 19:58 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [6.3.2011 19:58 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [6.3.2011 19:58 123648]
S3 V2210VID;DigitalCam Pro;c:\windows\system32\drivers\V2210vid.sys [29.10.2009 1:49 434368]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
S4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [24.6.2011 17:30 393112]
S4 DCMessages;DCMessages;c:\windows\system32\DCMessages.exe [30.1.2011 15:37 99720]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [20.6.2011 10:31 2151640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-06-20 11:19]
.
2011-07-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 05:12]
.
2011-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 05:12]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 84.244.102.11 192.168.1.1
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-30 17:11
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(892)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(1848)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\devldr32.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\MsPMSPSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-07-30 17:12:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-30 15:12
ComboFix2.txt 2011-07-29 20:52
.
Před spuštěním: 1 199 730 688
Po spuštění: 1 260 744 704
.
- - End Of File - - 3EDEA00D4A5D527926703A06F084864C

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#10 Post by Roli »

First uninstall all antivirus programs except Avast; for AVG, use AVG Remover.

Then open Notepad once more

and copy the script from the following box into it:

Code:

KillAll::

File::  
c:\windows\l1rezerv.exe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"l1rezerv.exe"=-

Save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it runs, another log will pop up; copy it here.

Warning: it may happen that Windows does not start after the script is applied and the machine restarts;

in that case restart again while pressing F8, then choose Last Known Good Configuration.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#11 Post by Jarda63 »

ComboFix 11-07-29.03 - Uživatel 30.07.2011 19:33:35.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1790.1121 [GMT 2:00]
Spuštěný z: c:\documents and settings\U×ivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\U×ivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-30 )))))))))))))))))))))))))))))))
.
.
2011-07-30 06:31 . 2011-07-30 06:31 -------- d-----w- c:\program files\AVAST Software
2011-07-30 06:31 . 2011-07-30 06:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-07-29 13:26 . 2011-07-29 13:26 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2011-07-29 13:26 . 2011-07-29 13:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-29 13:26 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-29 13:26 . 2011-07-29 13:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-29 13:26 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-29 13:16 . 2011-07-29 13:16 -------- d-----w- c:\program files\CCleaner
2011-07-29 11:34 . 2011-07-29 12:59 -------- d-----w- c:\program files\trend micro
2011-07-29 11:34 . 2011-07-29 11:35 -------- d-----w- C:\rsit
2011-07-28 07:04 . 2011-07-28 07:04 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\AppZilla_Software
2011-07-26 16:10 . 2011-06-20 15:48 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-24 06:37 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-24 06:37 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-24 06:37 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-24 06:37 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-24 06:37 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-24 06:37 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-24 06:37 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-24 06:37 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-24 06:37 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-24 06:37 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-23 22:51 . 2011-05-25 03:53 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-07-23 22:51 . 2011-05-25 03:53 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-07-23 22:51 . 2011-05-25 03:42 5922816 ----a-w- c:\windows\system32\aticaldd.dll
2011-07-23 22:51 . 2011-05-25 03:07 956160 ----a-w- c:\windows\system32\ativvamv.dll
2011-07-23 22:51 . 2011-05-25 02:38 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-07-23 22:51 . 2011-05-25 02:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-23 22:51 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-07-23 22:50 . 2011-07-23 22:50 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\ATI
2011-07-23 22:50 . 2011-07-23 22:50 -------- d-----w- c:\documents and settings\Default User\Data aplikací\ATI
2011-07-23 22:40 . 2011-07-23 22:40 -------- d-----w- C:\ATI
2011-07-23 22:09 . 2011-07-23 22:09 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-07-07 17:24 . 2011-07-07 17:24 -------- d-----w- c:\program files\BSP Multimedia
2011-07-05 15:42 . 2008-04-14 05:43 31744 ----a-w- c:\windows\system32\drivers\wceusbsh.sys
2011-07-05 13:57 . 2011-07-05 13:57 -------- d-----w- c:\program files\FDRLab
2011-07-04 05:46 . 2011-07-04 05:46 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Registry Mechanic
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-02 17:48 . 2011-06-20 15:49 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-20 08:31 . 2011-06-20 15:42 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-06-13 06:07 . 2011-05-19 18:18 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 11:35 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-06-02 17:53 . 2011-06-02 17:53 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-05-25 04:21 . 2008-10-28 19:11 6554624 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-05-25 04:15 . 2009-04-03 06:37 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-05-25 03:47 . 2008-10-28 18:11 17989632 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-25 03:14 . 2008-10-28 17:58 4059328 ----a-w- c:\windows\system32\ati3duag.dll
2011-05-25 03:05 . 2008-10-28 17:18 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-05-25 02:58 . 2008-10-28 17:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-05-25 02:56 . 2009-04-03 06:37 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-05-25 02:55 . 2008-10-28 18:22 302592 ----a-w- c:\windows\system32\ati2dvag.dll
2011-05-25 02:54 . 2008-10-28 17:41 3152384 ----a-w- c:\windows\system32\ativvaxx.dll
2011-05-25 02:39 . 2008-10-28 18:11 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-05-25 02:39 . 2008-10-28 18:11 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-05-25 02:39 . 2008-10-28 18:11 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-05-25 02:39 . 2008-10-28 18:11 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-05-25 02:38 . 2008-10-28 17:25 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-25 02:38 . 2008-10-28 18:10 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-05-25 02:37 . 2008-10-28 18:09 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-05-25 02:36 . 2008-10-28 18:07 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-05-25 02:31 . 2008-10-28 17:21 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-05-25 02:27 . 2008-10-28 17:19 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-25 02:27 . 2008-10-28 17:19 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-05-25 02:22 . 2008-10-28 17:12 856064 ----a-w- c:\windows\system32\ati2cqag.dll
2011-05-04 02:52 . 2011-06-28 07:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2009-04-21 07:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-05-02 15:32 . 2009-04-03 06:19 692736 ----a-w- c:\windows\system32\inetcomm.dll
2009-07-15 08:54 . 2009-11-03 08:00 78823633 ----a-w- c:\program files\band-in-a-box-2006.exe
2011-06-07 22:26 . 2011-06-07 22:26 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.

Code:

<pre>
c:\program files\eMule\Incoming\(CD version) aebersold trumpet book jazz .exe
</pre>
.
((((((((((((((((((((((((((((( SnapShot@2011-07-29_20.49.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-30 17:28 . 2011-07-30 17:28 16384 c:\windows\temp\Perflib_Perfdata_3a8.dat
+ 2011-07-30 10:31 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativcoxx.dll
+ 2011-07-30 10:31 . 2011-05-25 02:27 17408 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atitvo32.dll
+ 2011-07-30 10:31 . 2009-06-22 15:34 45056 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIODCLI.exe
+ 2011-07-30 10:31 . 2011-05-25 02:38 64512 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atimpc32.dll
+ 2011-07-30 10:31 . 2011-05-25 02:36 53248 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIDDC.DLL
+ 2011-07-30 10:31 . 2011-05-25 03:53 57344 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\aticalrt.dll
+ 2011-07-30 10:31 . 2011-05-25 03:53 53248 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\aticalcl.dll
+ 2011-07-30 10:31 . 2011-05-25 02:39 26112 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\Ati2mdxx.exe
+ 2011-07-30 10:31 . 2011-05-25 02:58 53248 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2erec.dll
+ 2011-07-30 10:31 . 2011-05-25 02:39 43520 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2edxx.dll
- 2011-07-23 22:50 . 2011-07-23 22:50 10134 c:\windows\Installer\{5ECA5B22-4073-8A6D-2E7E-8F4C39FC4309}\ARPPRODUCTICON.exe
+ 2011-07-30 10:31 . 2011-07-30 10:31 10134 c:\windows\Installer\{5ECA5B22-4073-8A6D-2E7E-8F4C39FC4309}\ARPPRODUCTICON.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-23 22:51 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-07-30 10:31 . 2011-07-30 10:31 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\ARPPRODUCTICON.exe
- 2011-07-23 22:51 . 2011-07-23 22:51 77542 c:\windows\Installer\{1DA75811-6C2C-ABFA-7DBF-9B9EDAA005E3}\ARPPRODUCTICON.exe
+ 2011-07-30 10:31 . 2011-05-25 02:39 155648 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\Oemdspif.dll
+ 2011-07-30 10:31 . 2011-05-25 03:07 956160 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativvamv.dll
+ 2011-07-30 10:31 . 2011-05-25 02:51 887724 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativva6x.dat
+ 2011-07-30 10:31 . 2011-05-25 02:39 212992 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atipdlxx.dll
+ 2011-07-30 10:31 . 2011-05-25 03:05 503808 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiok3x2.dll
+ 2011-07-30 10:31 . 2010-08-27 18:32 294912 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIODE.exe
+ 2011-07-30 10:31 . 2011-05-25 02:31 651264 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atikvmag.dll
+ 2011-07-30 10:31 . 2011-05-25 04:15 311296 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiiiexx.dll
+ 2011-07-30 10:31 . 2011-04-20 16:30 233765 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiicdxx.dat
+ 2011-07-30 10:31 . 2011-05-25 02:56 462848 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ATIDEMGX.dll
+ 2011-07-30 10:31 . 2009-05-11 21:35 118784 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atibtmon.exe
+ 2011-07-30 10:31 . 2011-05-25 02:34 151552 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiapfxx.exe
+ 2011-07-30 10:31 . 2011-05-25 02:27 200704 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atiadlxx.dll
+ 2011-07-30 10:31 . 2011-05-25 02:37 643072 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2evxx.exe
+ 2011-07-30 10:31 . 2011-05-25 02:38 188416 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2evxx.dll
+ 2011-07-30 10:31 . 2011-05-25 02:55 302592 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2dvag.dll
+ 2011-07-30 10:31 . 2011-05-25 02:22 856064 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2cqag.dll
+ 2011-07-30 10:31 . 2011-07-30 10:31 438272 c:\windows\Installer\d5517d.msi
+ 2011-07-30 10:31 . 2011-05-25 02:54 3152384 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ativvaxx.dll
+ 2011-07-30 10:31 . 2011-05-25 03:42 5922816 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\aticaldd.dll
+ 2011-07-30 10:31 . 2011-05-25 03:14 4059328 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati3duag.dll
+ 2011-07-30 10:31 . 2011-05-25 04:21 6554624 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\ati2mtag.sys
+ 2011-07-30 10:31 . 2011-07-30 10:31 1597440 c:\windows\Installer\d55184.msi
+ 2011-07-30 10:31 . 2011-05-25 03:47 17989632 c:\windows\system32\ReinstallBackups\0005\DriverFiles\B119700\atioglxx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"l1rezerv.exe"="c:\windows\l1rezerv.exe" [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cucku Backup.lnk]
backup=c:\windows\pss\Cucku Backup.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
= [X]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\LiveUpdate\\LiveUpdate.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\Cucku\\Cucku Backup\\Cucku.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"d:\\Program Files\\QIP Infium\\infium.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20.6.2011 17:42 64512]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.4.2009 18:53 691696]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 CuckuSrv;Cucku Backup;c:\program files\Cucku\Cucku Backup\CuckuSrv.exe [25.7.2009 4:31 63280]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [20.6.2011 11:33 821080]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [20.6.2011 11:34 140848]
R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM);c:\windows\system32\drivers\vacs2xkd.sys [23.8.2009 0:32 42880]
R3 PhilCap;WinFast PxDTV2300 H service;c:\windows\system32\drivers\PhilCap.sys [8.4.2009 20:22 922496]
S2 ekrn;ESET Service;"c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe" --> c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.6.2010 21:29 136176]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [23.8.2009 0:32 16512]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [5.3.2011 12:25 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [26.6.2010 21:29 136176]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [20.6.2011 10:31 15232]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [29.7.2011 15:26 41272]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [6.3.2011 19:58 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [6.3.2011 19:58 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [6.3.2011 19:58 123648]
S3 V2210VID;DigitalCam Pro;c:\windows\system32\drivers\V2210vid.sys [29.10.2009 1:49 434368]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
S4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [24.6.2011 17:30 393112]
S4 DCMessages;DCMessages;c:\windows\system32\DCMessages.exe [30.1.2011 15:37 99720]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [20.6.2011 10:31 2151640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-06-20 11:19]
.
2011-07-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 05:12]
.
2011-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 05:12]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 84.244.102.11 192.168.1.1
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-30 19:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(876)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2992)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Celkový čas: 2011-07-30 19:42:01
ComboFix-quarantined-files.txt 2011-07-30 17:41
ComboFix2.txt 2011-07-30 15:12
ComboFix3.txt 2011-07-29 20:52
.
Před spuštěním: 1 355 272 192
Po spuštění: 1 335 521 280
.
- - End Of File - - D235B87AEAD2D58B02FDB956882E8F8A

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#12 Post by Roli »

It somehow doesn't want to.

So let's do it differently: via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

That uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop the antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Download and run OTMoveIt,

and into the application's left pane, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files 
c:\*.tmp
c:\WINDOWS\System32\*.tmp
c:\WINDOWS\*.tmp
c:\windows\l1rezerv.exe

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"l1rezerv.exe"=-

:commands
[purity]
[emptytemp]
[start explorer]

Click MoveIt! and information about the performed action will appear in the application's right green pane; copy the contents of that pane here.

If the application asks for a restart, click YES;

in that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
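
The script in post #10 asks for the `l1rezerv.exe` value under the Run key to be deleted, yet the log posted afterwards still lists it. The check below is an added example, not part of the original thread or of ComboFix: it reads the script's File:: and Registry:: sections and a log excerpt (both copied from this page) and reports which targeted values remain. The function names, and reading `[N/A]` as "no file information for the target", are assumptions of this example.

```python
import re

# Script from post #10 and an excerpt of the log from post #11, copied from this page.
CFSCRIPT = r'''
KillAll::

File::
c:\windows\l1rezerv.exe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"l1rezerv.exe"=-
'''

LOG_AFTER = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"l1rezerv.exe"="c:\windows\l1rezerv.exe" [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
'''

KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')        # [HKEY_...\Run]
VALUE_RE = re.compile(r'^"([^"]+)"=\s*(.*)$')    # "name"=data
# Trailing "[date size]" or "[N/A]" that the log appends to values naming a file.
FILEINFO_RE = re.compile(r'\s*\[([^\[\]]*)\]$')


def parse_cfscript(script):
    """Return (files, deletions) from the File:: and Registry:: sections.

    deletions holds (key, value_name) pairs for lines of the form "name"=-.
    Keys, names and paths are lower-cased: the registry and NTFS paths are
    case-insensitive, and the log and the script differ in case.
    """
    files, deletions, section, key = [], [], None, None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith('::'):
            section, key = line[:-2].lower(), None
        elif section == 'file':
            files.append(line.lower())
        elif section == 'registry':
            m = KEY_RE.match(line)
            if m:
                key = m.group(1).lower()
                continue
            m = VALUE_RE.match(line)
            if m and key and m.group(2) == '-':
                deletions.append((key, m.group(1).lower()))
    return files, deletions


def parse_registry_dump(text):
    """Return {key: {value_name: (data, file_info)}} from a log excerpt."""
    entries, key = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            entries.setdefault(key, {})
            continue
        m = VALUE_RE.match(line)
        if m and key:
            name, rest, info = m.group(1).lower(), m.group(2), None
            fi = FILEINFO_RE.search(rest)
            if fi:
                info, rest = fi.group(1), rest[:fi.start()]
            entries[key][name] = (rest.strip().strip('"'), info)
        elif line == '.':
            key = None  # a lone dot separates sections in the log
    return entries


def check_fix(script, log_after):
    """Compare what the script asked for with what the later log still shows."""
    _files, deletions = parse_cfscript(script)
    dump = parse_registry_dump(log_after)
    still_present = [(k, n) for k, n in deletions if n in dump.get(k, {})]
    # Assumption: "[N/A]" means the log had no file details for the target.
    orphaned = [(k, n, data) for k, vals in dump.items()
                for n, (data, info) in vals.items() if info == 'N/A']
    return {'still_present': still_present, 'orphaned': orphaned}


if __name__ == '__main__':
    result = check_fix(CFSCRIPT, LOG_AFTER)
    for key, name in result['still_present']:
        print(f'not removed: "{name}" under {key}')
    for key, name, data in result['orphaned']:
        print(f'no file info: "{name}" -> {data}')
```

The check works on log text only; it does not read the live registry, so it confirms what the tool reported, not the machine's current state.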

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#13 Post by Jarda63 »

After pasting the text into the left pane and pressing the OTMOVELT button, the computer restarts, but after the system comes back up the folder C:\_OTMoveIt\MovedFiles\ cannot be found.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: request for help removing a virus from FB

#14 Post by Roli »

Then post the current log.txt from Rsit here.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Jarda63
Visitor
Posts: 12
Registered: 29 Jul 2011 12:38

Re: request for help removing a virus from FB

#15 Post by Jarda63 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-07-30 23:25:36
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (4%) free of 50 GB
Total RAM: 1790 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:25:45, on 30.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Cucku\Cucku Backup\CuckuSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Cucku Backup (CuckuSrv) - Cucku, Inc - C:\Program Files\Cucku\Cucku Backup\CuckuSrv.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 4789 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "xmlfiller@software602.cz:3.16.2, toolbar@ask.com:3.8.0.99999, DTToolbar@toolbarnet.com:1.0.7.0088, dealio@mybrowserbar.com:4.4, {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6, fdm_ffext@freedownloadmanager.org:1.3.2, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {d51d388b-f5dc-471a-a1ce-5e2d671091c0}:2.7.2.0, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3, avg@igeared:3.011.025.005, wtxpcom@mybrowserbar.com:4.4, iobit@mybrowserbar.com:4.4, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, firefox@bandoo.com:5.0, plugin2@gameplaylabs.com:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
"avg@igeared"=C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69]
"Description"=6.0.12.69
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npfiller.dll
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpjplug.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\extensions\
engine@conduit.com
firefox@bandoo.com
plugin2@gameplaylabs.com
toolbar@ask.com
xmlfiller@software602.cz
{20a82645-c095-46ed-80e3-08825760534b}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{800b5000-a755-47e1-992b-48a1c1357f07}
{d51d388b-f5dc-471a-a1ce-5e2d671091c0}
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\npxe7mlk.default\searchplugins\
askcom.xml
conduit.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
qipsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GEST]
= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Cucku Backup.lnk]
C:\PROGRA~1\Cucku\CUCKUB~1\Cucku.exe [2009-07-25 382256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2008-03-25 214360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-25 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
""=
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe"="C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe:*:Enabled:WF LiveUpdate Application"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"D:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"D:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="D:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\Cucku\Cucku Backup\Cucku.exe"="C:\Program Files\Cucku\Cucku Backup\Cucku.exe:*:Enabled:Cucku Backup"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"D:\Program Files\QIP Infium\infium.exe"="D:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.divxa32"=msaud32_divx.acm
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.ctmp3"=C:\WINDOWS\system32\ctmp3.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"vidc.dvsd"=dvc.dll
"VIDC.VQC6"=V2210dec.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=ctwdm32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2011-07-30 23:25:36 ----D---- C:\rsit
2011-07-30 22:34:19 ----SHD---- C:\RECYCLER
2011-07-30 17:07:32 ----D---- C:\WINDOWS\temp
2011-07-30 08:31:35 ----D---- C:\Program Files\AVAST Software
2011-07-30 08:31:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-07-29 22:41:42 ----RASHD---- C:\cmdcons
2011-07-29 22:34:26 ----D---- C:\Qoobox
2011-07-29 15:26:22 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
2011-07-29 15:26:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-07-29 15:26:12 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-29 15:26:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-29 15:26:09 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-29 15:16:33 ----D---- C:\Program Files\CCleaner
2011-07-29 13:34:28 ----D---- C:\Program Files\trend micro
2011-07-28 09:03:06 ----A---- C:\ioY.ini
2011-07-27 11:23:39 ----A---- C:\Zástupce - Jednotka CD-ROM.lnk
2011-07-26 18:10:15 ----A---- C:\WINDOWS\system32\lsdelete.exe
2011-07-24 08:37:20 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-24 08:37:19 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-24 08:37:18 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-24 08:37:17 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-24 08:37:17 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-24 08:37:16 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-24 08:37:16 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-24 08:37:16 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-24 08:37:02 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-24 08:37:02 ----A---- C:\WINDOWS\avastSS.scr
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-07-24 00:51:08 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-07-24 00:40:17 ----D---- C:\ATI
2011-07-16 02:59:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-16 02:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-07 19:24:40 ----A---- C:\WINDOWS\fonts\WING32.DLL
2011-07-07 19:24:34 ----D---- C:\Program Files\BSP Multimedia
2011-07-05 17:42:56 ----A---- C:\WINDOWS\system32\drivers\wceusbsh.sys
2011-07-05 15:57:33 ----D---- C:\Program Files\FDRLab
2011-07-04 07:46:43 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Registry Mechanic
2011-07-04 07:44:16 ----D---- C:\Program Files\Registry Mechanic

======List of files/folders modified in the last 1 month======

2011-07-30 23:22:49 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2011-07-30 23:19:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-30 23:19:03 ----D---- C:\WINDOWS\Prefetch
2011-07-30 23:01:12 ----SHD---- C:\System Volume Information
2011-07-30 23:01:12 ----D---- C:\WINDOWS\system32\Restore
2011-07-30 22:58:49 ----D---- C:\WINDOWS
2011-07-30 22:43:41 ----D---- C:\WINDOWS\system32
2011-07-30 19:40:38 ----A---- C:\WINDOWS\system.ini
2011-07-30 19:38:12 ----D---- C:\WINDOWS\system32\drivers
2011-07-30 19:38:12 ----D---- C:\WINDOWS\AppPatch
2011-07-30 19:38:09 ----D---- C:\Program Files\Common Files
2011-07-30 19:35:05 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\ICQ
2011-07-30 19:33:13 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-30 17:09:23 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-30 17:07:49 ----D---- C:\WINDOWS\system32\config
2011-07-30 17:07:18 ----RD---- C:\Program Files
2011-07-30 17:07:15 ----SD---- C:\WINDOWS\Tasks
2011-07-30 16:01:04 ----SHD---- C:\WINDOWS\Installer
2011-07-30 16:01:04 ----D---- C:\Config.Msi
2011-07-30 12:32:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-30 12:31:39 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-30 12:31:22 ----D---- C:\Program Files\ATI
2011-07-30 12:30:27 ----HD---- C:\WINDOWS\inf
2011-07-30 08:31:53 ----D---- C:\WINDOWS\WinSxS
2011-07-29 22:41:48 ----RASH---- C:\boot.ini
2011-07-29 22:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-07-29 15:19:26 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DAEMON Tools Lite
2011-07-29 15:19:23 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Free Download Manager
2011-07-29 15:11:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-07-29 13:34:21 ----D---- C:\Program Files\Mozilla Firefox
2011-07-29 13:17:13 ----A---- C:\Boot.bak
2011-07-27 23:12:24 ----D---- C:\Program Files\eMule
2011-07-27 13:27:20 ----SD---- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
2011-07-26 17:58:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-07-24 08:48:38 ----RD---- C:\Program Files\Skype
2011-07-24 08:48:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-07-24 08:48:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-24 08:06:56 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\go
2011-07-24 07:46:57 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\PriceGong
2011-07-24 00:51:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-07-24 00:51:05 ----D---- C:\Program Files\ATI Technologies
2011-07-23 08:52:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-21 23:10:49 ----D---- C:\WINDOWS\Debug
2011-07-21 16:49:35 ----D---- C:\temp
2011-07-16 02:55:20 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-15 20:30:12 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-15 20:29:03 ----D---- C:\Program Files\Application Updater
2011-07-07 19:24:40 ----RSD---- C:\WINDOWS\Fonts
2011-07-07 19:24:34 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 07:47:20 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-07-03 22:14:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-07-03 22:14:12 ----D---- C:\Program Files\DivX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-06-20 64512]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-05 691696]
R0 TPkd;TPkd; C:\WINDOWS\system32\drivers\TPkd.sys [2001-05-30 57600]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-07 278984]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2003-07-29 40448]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-07 25416]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 RVIEG01;VSC Engine; \??\C:\Program Files\Roland\Virtual Sound Canvas DXi\RVIEg01.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-25 6554624]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 EuMusDesignVirtualAudioCableWdm_s2x;Sound2x Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vacs2xkd.sys [2007-11-01 42880]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-27 4754432]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 PhilCap;WinFast PxDTV2300 H service; C:\WINDOWS\system32\DRIVERS\PhilCap.sys [2008-10-31 922496]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtHDMI.sys [2008-08-26 3684352]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 ak4ttfuo;ak4ttfuo; C:\WINDOWS\system32\drivers\ak4ttfuo.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
S3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
S3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-24 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-24 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-24 21568]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 V2210VID;DigitalCam Pro; C:\WINDOWS\system32\DRIVERS\V2210vid.sys [2002-10-31 434368]
S3 W700bus;Sony Ericsson W700 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\W700bus.sys [2009-05-20 61536]
S3 W700mdfl;Sony Ericsson W700 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\W700mdfl.sys [2009-05-20 9264]
S3 W700mdm;Sony Ericsson W700 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\W700mdm.sys [2009-05-20 97056]
S3 W700mgmt;Sony Ericsson W700 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\W700mgmt.sys [2009-05-20 88560]
S3 W700obex;Sony Ericsson W700 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\W700obex.sys [2009-05-20 86368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-25 643072]
R2 CuckuSrv;Cucku Backup; C:\Program Files\Cucku\Cucku Backup\CuckuSrv.exe [2009-07-25 63280]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 821080]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-29 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-29 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-06-24 393112]
S4 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-10-28 593920]
S4 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2011-01-13 1960336]
S4 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
S4 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-13 44032]
S4 DCMessages;DCMessages; C:\WINDOWS\system32\DCMessages.exe [2009-11-24 99720]
S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-12-05 935208]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

-----------------EOF-----------------
