Vir na Fb

[Morfusof]

Zdravím i ja potřebuji pomoct z virem.Už jsem to projel ComboFixem a už mi něco odtranil a pořád se mi zdá notas nějaký divny.třeba zapnu firefox a on se zamrazí a nejde vypnout i ve správci úloh.ted zatím drži.Až ted jsem se dočetl o tom co jsem měl prvně udělat.Takže co poslat log z RSIT a nebo už rovnou ComboFix.txt

[vyosek]

Zdravim a pekny vecer preji

A vy s tim ComboFixem umite pracovat - aplikovat, vylustit log, napsat docistovaci skript

Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Dejte sem RSIT i CF log

[Morfusof]

zde je RSit
Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2011-08-22 22:20:59
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 50 GB (61%) free of 82 GB
Total RAM: 1014 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:36, on 22.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\ScreenShots\ScreenShots.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Martin\Dokumenty\Programy z netu\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cz.ikariam.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [EasyBits GO] "C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe" /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe (User 'Default user')
O4 - Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Microsoft Antimalware Service (MsMpSvc) - Unknown owner - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - About:Home

--
End of file - 10783 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Martin.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
C:\WINDOWS\tasks\SmartDefrag_Startup.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =685749&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609]
"Description"=12.0.1.609
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\extensions\
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-16 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-15 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-01-16 274608]
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-06-24 534880]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2011-07-20 4393816]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EasyBits GO"=C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe [2011-05-28 423296]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-08-01 124480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-27 3883840]

C:\Documents and Settings\Martin\Nabídka Start\Programy\Po spuštění
ScreenShots.lnk - C:\Program Files\ScreenShots\ScreenShots.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-09-24 205312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Disabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Disabled:KTF MUSIC VoD Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live Sync"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-08-22 22:21:01 ----D---- C:\Program Files\trend micro
2011-08-22 22:20:59 ----DC---- C:\rsit
2011-08-22 20:49:14 ----D---- C:\WINDOWS\temp
2011-08-22 20:49:12 ----AC---- C:\ComboFix.txt
2011-08-22 19:07:16 ----RC---- C:\ComboFix.exe
2011-08-22 18:59:03 ----A---- C:\WINDOWS\ntbtlog.txt
2011-08-22 17:43:15 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2011-08-22 17:43:12 ----A---- C:\WINDOWS\system32\c_iscii.dll
2011-08-22 17:43:08 ----A---- C:\WINDOWS\system32\kbdusa.dll
2011-08-22 17:42:54 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2011-08-22 14:13:48 ----D---- C:\WINDOWS\Minidump
2011-08-22 00:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-22 00:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-21 23:57:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-21 19:51:22 ----AC---- C:\Boot.bak
2011-08-21 19:51:13 ----RASHDC---- C:\cmdcons
2011-08-21 19:48:31 ----A---- C:\WINDOWS\zip.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\SWSC.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\SWREG.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\sed.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\PEV.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\MBR.exe
2011-08-21 19:48:31 ----A---- C:\WINDOWS\grep.exe
2011-08-21 19:48:18 ----D---- C:\WINDOWS\ERDNT
2011-08-21 19:45:57 ----DC---- C:\Qoobox
2011-08-21 18:55:27 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-21 18:55:10 ----D---- C:\WINDOWS\system32\drivers\NSS
2011-08-21 18:55:09 ----D---- C:\Program Files\Norton Security Scan
2011-08-21 18:55:08 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-21 18:55:04 ----DC---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2011-08-21 18:55:04 ----D---- C:\Program Files\NortonInstaller
2011-08-21 18:50:38 ----D---- C:\WINDOWS\system32\Adobe
2011-08-21 18:47:34 ----D---- C:\Program Files\Common Files\Java
2011-08-21 18:47:17 ----A---- C:\WINDOWS\system32\javaws.exe
2011-08-21 18:47:17 ----A---- C:\WINDOWS\system32\javaw.exe
2011-08-21 18:47:17 ----A---- C:\WINDOWS\system32\java.exe
2011-08-21 15:32:26 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-08-21 15:32:26 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-08-21 15:32:25 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-08-21 15:32:25 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-08-21 15:32:09 ----A---- C:\WINDOWS\avastSS.scr
2011-08-21 15:32:07 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-08-21 14:23:26 ----DC---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-21 14:23:26 ----D---- C:\Program Files\AVAST Software
2011-08-21 13:15:44 ----D---- C:\Documents and Settings\Martin\Data aplikací\SUPERAntiSpyware.com
2011-08-21 13:15:31 ----DC---- C:\Documents and Settings\All Users\Data aplikací\!SASCORE
2011-08-21 13:15:25 ----DC---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-08-21 13:15:25 ----D---- C:\Program Files\SUPERAntiSpyware
2011-08-21 12:42:59 ----HD---- C:\WINDOWS\update.tray-7-0-lnk
2011-08-21 12:42:59 ----HD---- C:\WINDOWS\update.tray-7-0
2011-08-21 12:33:10 ----DC---- C:\3d17dadf973743a5c3baa68a8bd9
2011-08-21 12:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-21 12:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-21 12:26:08 ----D---- C:\Program Files\IObit Toolbar
2011-08-21 12:26:08 ----D---- C:\Program Files\Application Updater
2011-08-21 12:26:07 ----D---- C:\Documents and Settings\Martin\Data aplikací\Search Settings
2011-08-21 12:26:00 ----D---- C:\Program Files\Microsoft Security Client
2011-08-21 10:43:34 ----D---- C:\Program Files\IObit Toolbar(2)
2011-08-20 12:39:44 ----D---- C:\WINDOWS\ufa
2011-08-20 12:38:37 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-08-20 12:37:25 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-08-20 12:36:37 ----HD---- C:\WINDOWS\update.7.1
2011-08-20 12:33:33 ----A---- C:\WINDOWS\unrar.exe
2011-08-20 12:30:38 ----A---- C:\WINDOWS\iplist.txt
2011-08-20 12:29:55 ----A---- C:\WINDOWS\front_ip_list.txt
2011-08-20 12:17:11 ----D---- C:\WINDOWS\av_ico
2011-08-20 12:15:21 ----HD---- C:\WINDOWS\update.tray-14-0-lnk
2011-08-20 12:15:21 ----HD---- C:\WINDOWS\update.tray-14-0
2011-08-20 12:04:49 ----A---- C:\WINDOWS\winlog-ids.txt
2011-08-20 12:04:49 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-25 18:15:52 ----A---- C:\WINDOWS\system32\ezGOSvcApp.exe
2011-07-25 18:15:51 ----A---- C:\WINDOWS\system32\ezGOSvc.dll

======List of files/folders modified in the last 1 month======

2011-08-22 22:21:03 ----D---- C:\WINDOWS\Prefetch
2011-08-22 22:21:01 ----RD---- C:\Program Files
2011-08-22 22:17:52 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2011-08-22 20:57:56 ----D---- C:\WINDOWS\system32
2011-08-22 20:57:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-22 20:54:46 ----D---- C:\Documents and Settings\Martin\Data aplikací\ICQ
2011-08-22 20:54:03 ----SD---- C:\WINDOWS\Tasks
2011-08-22 20:49:14 ----D---- C:\WINDOWS
2011-08-22 20:46:48 ----AC---- C:\WINDOWS\system.ini
2011-08-22 20:44:14 ----D---- C:\WINDOWS\system32\drivers
2011-08-22 20:42:48 ----D---- C:\WINDOWS\AppPatch
2011-08-22 20:42:46 ----D---- C:\Program Files\Common Files
2011-08-22 20:37:33 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-22 20:33:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-22 17:43:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-22 17:43:15 ----RSD---- C:\WINDOWS\Fonts
2011-08-22 17:42:51 ----D---- C:\WINDOWS\Help
2011-08-22 17:27:09 ----D---- C:\Documents and Settings\Martin\Data aplikací\go
2011-08-22 16:02:21 ----D---- C:\WINDOWS\Debug
2011-08-22 14:29:58 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-22 14:28:29 ----D---- C:\WINDOWS\system32\config
2011-08-22 14:15:10 ----DC---- C:\Documents and Settings
2011-08-22 00:26:47 ----RSD---- C:\WINDOWS\assembly
2011-08-22 00:14:59 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-22 00:06:39 ----HD---- C:\WINDOWS\inf
2011-08-22 00:06:01 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-22 00:04:45 ----SHD---- C:\WINDOWS\Installer
2011-08-22 00:04:45 ----DC---- C:\Config.Msi
2011-08-22 00:03:17 ----D---- C:\WINDOWS\WinSxS
2011-08-21 21:59:24 ----D---- C:\WINDOWS\system32\Side 9 Screensaver dir
2011-08-21 21:52:20 ----DC---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-08-21 21:52:20 ----D---- C:\Program Files\IObit
2011-08-21 21:28:10 ----D---- C:\Documents and Settings\Martin\Data aplikací\IObit
2011-08-21 20:15:06 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2011-08-21 20:15:06 ----D---- C:\Documents and Settings\Martin\Data aplikací\Adobe
2011-08-21 19:51:22 ----RASHC---- C:\boot.ini
2011-08-21 18:54:06 ----D---- C:\Program Files\Common Files\Adobe
2011-08-21 18:53:51 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-08-21 18:53:47 ----D---- C:\Program Files\Adobe
2011-08-21 18:47:11 ----D---- C:\Program Files\Java
2011-08-21 17:31:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-08-21 12:33:16 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-21 12:33:01 ----D---- C:\Program Files\Internet Explorer
2011-08-21 12:26:27 ----D---- C:\WINDOWS\system32\wbem
2011-08-21 12:26:27 ----D---- C:\WINDOWS\Registration
2011-08-21 12:26:07 ----D---- C:\Program Files\Common Files\Spigot
2011-08-20 12:39:48 ----SHD---- C:\System Volume Information
2011-08-20 12:39:48 ----D---- C:\WINDOWS\system32\Restore
2011-08-17 18:30:46 ----D---- C:\Program Files\Mozilla Firefox
2011-08-06 02:16:49 ----DC---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2011-08-04 18:41:47 ----D---- C:\Program Files\ICQ7.5
2011-08-01 23:10:23 ----DC---- C:\Filmy
2011-07-30 20:22:35 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-26 16:32:10 ----RD---- C:\Program Files\Skype
2011-07-26 16:32:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-07-25 18:25:22 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-25 17:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-29 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-06 54752]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-08-12 1582624]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-09-24 6301696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-09 5913632]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2011-06-29 47360]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
R3 rtsuvc;Realtek USB2.0 PC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2010-02-04 73088]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 MpKsl02a4c5f2;MpKsl02a4c5f2; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6DFFF4F6-B7B3-46BB-911F-75700DF06E0D}\MpKsl02a4c5f2.sys []
S1 MpKsl18fd8477;MpKsl18fd8477; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F81B6593-526D-4D8B-92C4-5A77314DD0F2}\MpKsl18fd8477.sys []
S1 MpKsl1ffc1343;MpKsl1ffc1343; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{789AE265-63B1-49D4-9515-200FFEE967A2}\MpKsl1ffc1343.sys []
S1 MpKsl33c073ba;MpKsl33c073ba; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1070EE20-42BD-49EF-9AFE-9D36AA043CD9}\MpKsl33c073ba.sys []
S1 MpKsl45950d0f;MpKsl45950d0f; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C4AEF48-9942-48F1-BCBB-7AC8CDC1E228}\MpKsl45950d0f.sys []
S1 MpKsl7321aae8;MpKsl7321aae8; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{78C44E73-4A37-4757-A421-7242A6CFF7EE}\MpKsl7321aae8.sys []
S1 MpKsl78801b45;MpKsl78801b45; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4DD4C088-1F56-4A47-A760-E900736511AB}\MpKsl78801b45.sys []
S1 MpKsl7b79358d;MpKsl7b79358d; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{02D182E3-C3FB-46E3-BC53-28EACD7A7318}\MpKsl7b79358d.sys []
S1 MpKsl7c641e3a;MpKsl7c641e3a; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EC00A3D6-8C6A-404B-8469-1C8B573E45D8}\MpKsl7c641e3a.sys []
S1 MpKsl8fd6126c;MpKsl8fd6126c; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{12E452BB-3DEA-4302-A258-6CA822EA3FC3}\MpKsl8fd6126c.sys []
S1 MpKsla0de8851;MpKsla0de8851; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DEA1FD90-B2EB-4846-A867-CC44FC85FE61}\MpKsla0de8851.sys []
S1 MpKsla196c1a8;MpKsla196c1a8; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DBC67EA-6085-4508-8475-B5EAA11B01EC}\MpKsla196c1a8.sys []
S1 MpKslf945f4d5;MpKslf945f4d5; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E465174C-52C4-4DCF-B73E-A4260C2410D6}\MpKslf945f4d5.sys []
S1 MpKslfec944e1;MpKslfec944e1; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A71E1E20-B962-4A65-9511-CB6895006A4C}\MpKslfec944e1.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1.M\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-04-21 352656]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-06-24 393112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-15 226656]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-12 136176]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-06 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-12 136176]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-06 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Morfusof]

a tady ComboFix
ComboFix 11-08-22.03 - Administrator 22.08.2011 20:38:19.10.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.702 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 15:43 . 2008-04-14 12:00 185344 -c--a-w- c:\windows\system32\dllcache\thawbrkr.dll
2011-08-22 15:43 . 2008-04-14 12:00 185344 ----a-w- c:\windows\system32\Thawbrkr.dll
2011-08-22 15:43 . 2008-04-14 12:00 10752 -c--a-w- c:\windows\system32\dllcache\c_iscii.dll
2011-08-22 15:43 . 2008-04-14 12:00 10752 ----a-w- c:\windows\system32\c_iscii.dll
2011-08-22 15:43 . 2008-04-14 12:00 5632 -c--a-w- c:\windows\system32\dllcache\kbdusa.dll
2011-08-22 15:43 . 2008-04-14 12:00 5632 ----a-w- c:\windows\system32\kbdusa.dll
2011-08-22 15:42 . 2008-04-14 12:00 6144 -c--a-w- c:\windows\system32\dllcache\ftlx041e.dll
2011-08-22 15:42 . 2008-04-14 12:00 6144 ----a-w- c:\windows\system32\ftlx041e.dll
2011-08-22 15:42 . 2008-04-14 12:00 19456 -c--a-w- c:\windows\system32\dllcache\agt0401.dll
2011-08-22 15:42 . 2008-04-14 12:00 19456 -c--a-w- c:\windows\system32\dllcache\agt040d.dll
2011-08-21 17:41 . 2011-08-22 03:23 -------- dc----w- C:\## aswSnx private storage
2011-08-21 16:55 . 2011-08-21 16:58 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-08-21 16:55 . 2011-08-21 16:55 -------- d-----w- c:\windows\system32\drivers\NSS
2011-08-21 16:55 . 2011-08-21 16:55 -------- d-----w- c:\program files\Norton Security Scan
2011-08-21 16:55 . 2011-08-21 16:55 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Norton
2011-08-21 16:55 . 2011-08-21 16:55 -------- d-----w- c:\program files\NortonInstaller
2011-08-21 16:50 . 2011-08-21 16:50 -------- d-----w- c:\windows\system32\Adobe
2011-08-21 16:47 . 2011-08-21 16:47 -------- d-----w- c:\program files\Common Files\Java
2011-08-21 15:22 . 2011-08-21 15:31 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-21 13:32 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-08-21 13:32 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-21 13:32 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-08-21 13:32 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-08-21 13:32 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-21 13:32 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-08-21 13:32 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-08-21 13:32 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-08-21 13:32 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-08-21 13:32 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-08-21 12:23 . 2011-08-21 13:31 -------- dc----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-08-21 12:23 . 2011-08-21 12:23 -------- d-----w- c:\program files\AVAST Software
2011-08-21 11:15 . 2011-08-21 11:15 -------- dc----w- c:\documents and settings\All Users\Data aplikací\!SASCORE
2011-08-21 11:15 . 2011-08-21 19:00 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-21 11:15 . 2011-08-21 11:15 -------- dc----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-08-21 10:42 . 2011-08-21 12:16 -------- d--h--w- c:\windows\update.tray-7-0
2011-08-21 10:42 . 2011-08-21 12:16 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-08-21 10:33 . 2011-08-21 10:40 -------- dc----w- C:\3d17dadf973743a5c3baa68a8bd9
2011-08-21 10:26 . 2011-08-21 10:26 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-21 10:26 . 2011-08-21 10:26 -------- d-----w- c:\program files\IObit Toolbar
2011-08-21 10:26 . 2011-08-21 10:26 -------- d-----w- c:\program files\Application Updater
2011-08-21 10:26 . 2011-08-21 10:26 -------- d-----w- c:\program files\Microsoft Security Client
2011-08-21 08:32 . 2011-08-21 10:26 -------- dcs---w- c:\documents and settings\Administrator
2011-08-20 10:54 . 2011-08-20 10:54 -------- d-----r- c:\documents and settings\LocalService\Oblíbené položky
2011-08-20 10:39 . 2011-08-21 15:05 -------- d-----w- c:\windows\ufa
2011-08-20 10:36 . 2011-08-21 15:05 -------- d--h--w- c:\windows\update.7.1
2011-08-20 10:33 . 2011-08-20 10:39 246272 ----a-w- c:\windows\unrar.exe
2011-08-20 10:17 . 2011-08-21 10:44 -------- d-----w- c:\windows\av_ico
2011-08-20 10:15 . 2011-08-21 14:09 -------- d--h--w- c:\windows\update.tray-14-0-lnk
2011-08-20 10:15 . 2011-08-21 12:16 -------- d--h--w- c:\windows\update.tray-14-0
2011-08-20 10:04 . 2011-08-20 10:04 -------- d-----w- c:\documents and settings\LocalService\Nabídka Start
2011-08-19 19:05 . 2011-08-12 02:44 7152464 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BB829CA1-809F-47E4-A37C-3D58FFBF025D}\mpengine.dll
2011-08-09 13:35 . 2011-07-13 03:39 6881616 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-25 16:15 . 2011-05-28 10:48 718208 ----a-w- c:\windows\system32\ezGOSvcApp.exe
2011-07-25 16:15 . 2011-05-28 10:48 73600 ----a-w- c:\windows\system32\ezGOSvc.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 02:44 . 2010-10-01 12:48 7152464 -c--a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-15 13:29 . 2009-12-23 18:07 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2009-12-23 18:07 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-29 18:06 . 2011-06-29 18:06 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-06-24 14:10 . 2009-12-24 02:16 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2009-12-23 18:07 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2009-12-23 18:07 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2009-12-23 18:07 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2009-12-23 18:07 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2009-12-23 18:07 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-06-06 11:35 . 2009-12-23 18:07 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-17 16:30 . 2011-04-05 13:04 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-08-22_17.18.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-23 18:07 . 2011-08-22 18:38 77762 c:\windows\system32\perfc009.dat
- 2009-12-23 18:07 . 2011-08-22 17:03 77762 c:\windows\system32\perfc009.dat
+ 2009-12-23 18:07 . 2011-08-22 18:38 90562 c:\windows\system32\perfc005.dat
- 2009-12-23 18:07 . 2011-08-22 17:03 90562 c:\windows\system32\perfc005.dat
+ 2009-12-23 18:07 . 2011-08-22 18:38 456888 c:\windows\system32\perfh009.dat
- 2009-12-23 18:07 . 2011-08-22 17:03 456888 c:\windows\system32\perfh009.dat
+ 2009-12-23 18:07 . 2011-08-22 18:38 452758 c:\windows\system32\perfh005.dat
- 2009-12-23 18:07 . 2011-08-22 17:03 452758 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-03-25 402096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-11-19 83240]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-01-16 274608]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-06-24 534880]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2011-07-20 4393816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 23:45 3883840 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [29.11.2010 21:14 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [29.11.2010 21:14 5248]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [7.3.2011 21:31 14776]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.11.2010 20:39 685816]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [21.8.2011 21:28 820568]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [18.3.2010 1:51 11448]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [21.8.2011 15:32 441176]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [21.8.2011 15:32 309848]
S1 MpKsl02a4c5f2;MpKsl02a4c5f2;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6DFFF4F6-B7B3-46BB-911F-75700DF06E0D}\MpKsl02a4c5f2.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6DFFF4F6-B7B3-46BB-911F-75700DF06E0D}\MpKsl02a4c5f2.sys [?]
S1 MpKsl18fd8477;MpKsl18fd8477;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F81B6593-526D-4D8B-92C4-5A77314DD0F2}\MpKsl18fd8477.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F81B6593-526D-4D8B-92C4-5A77314DD0F2}\MpKsl18fd8477.sys [?]
S1 MpKsl1ffc1343;MpKsl1ffc1343;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{789AE265-63B1-49D4-9515-200FFEE967A2}\MpKsl1ffc1343.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{789AE265-63B1-49D4-9515-200FFEE967A2}\MpKsl1ffc1343.sys [?]
S1 MpKsl33c073ba;MpKsl33c073ba;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1070EE20-42BD-49EF-9AFE-9D36AA043CD9}\MpKsl33c073ba.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1070EE20-42BD-49EF-9AFE-9D36AA043CD9}\MpKsl33c073ba.sys [?]
S1 MpKsl45950d0f;MpKsl45950d0f;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C4AEF48-9942-48F1-BCBB-7AC8CDC1E228}\MpKsl45950d0f.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C4AEF48-9942-48F1-BCBB-7AC8CDC1E228}\MpKsl45950d0f.sys [?]
S1 MpKsl7321aae8;MpKsl7321aae8;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{78C44E73-4A37-4757-A421-7242A6CFF7EE}\MpKsl7321aae8.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{78C44E73-4A37-4757-A421-7242A6CFF7EE}\MpKsl7321aae8.sys [?]
S1 MpKsl78801b45;MpKsl78801b45;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4DD4C088-1F56-4A47-A760-E900736511AB}\MpKsl78801b45.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{4DD4C088-1F56-4A47-A760-E900736511AB}\MpKsl78801b45.sys [?]
S1 MpKsl7b79358d;MpKsl7b79358d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{02D182E3-C3FB-46E3-BC53-28EACD7A7318}\MpKsl7b79358d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{02D182E3-C3FB-46E3-BC53-28EACD7A7318}\MpKsl7b79358d.sys [?]
S1 MpKsl7c641e3a;MpKsl7c641e3a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EC00A3D6-8C6A-404B-8469-1C8B573E45D8}\MpKsl7c641e3a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{EC00A3D6-8C6A-404B-8469-1C8B573E45D8}\MpKsl7c641e3a.sys [?]
S1 MpKsl8fd6126c;MpKsl8fd6126c;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{12E452BB-3DEA-4302-A258-6CA822EA3FC3}\MpKsl8fd6126c.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{12E452BB-3DEA-4302-A258-6CA822EA3FC3}\MpKsl8fd6126c.sys [?]
S1 MpKsla0de8851;MpKsla0de8851;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DEA1FD90-B2EB-4846-A867-CC44FC85FE61}\MpKsla0de8851.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{DEA1FD90-B2EB-4846-A867-CC44FC85FE61}\MpKsla0de8851.sys [?]
S1 MpKsla196c1a8;MpKsla196c1a8;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DBC67EA-6085-4508-8475-B5EAA11B01EC}\MpKsla196c1a8.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8DBC67EA-6085-4508-8475-B5EAA11B01EC}\MpKsla196c1a8.sys [?]
S1 MpKslf945f4d5;MpKslf945f4d5;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E465174C-52C4-4DCF-B73E-A4260C2410D6}\MpKslf945f4d5.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E465174C-52C4-4DCF-B73E-A4260C2410D6}\MpKslf945f4d5.sys [?]
S1 MpKslfec944e1;MpKslfec944e1;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A71E1E20-B962-4A65-9511-CB6895006A4C}\MpKslfec944e1.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A71E1E20-B962-4A65-9511-CB6895006A4C}\MpKslfec944e1.sys [?]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55 67664]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [25.4.2011 22:03 352656]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [24.6.2011 17:30 393112]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [21.8.2011 15:32 19544]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [8.1.2011 21:02 233472]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2011 11:19 136176]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [19.9.2010 19:32 247608]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.9.2010 22:49 1691480]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [8.1.2011 21:02 36608]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12.6.2011 11:19 136176]
S3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [3.11.2009 10:34 44032]
S3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [21.8.2011 21:28 30368]
S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\drivers\rtsuvc.sys [2.9.2010 22:50 73088]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [8.1.2011 21:03 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [8.1.2011 21:03 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [8.1.2011 21:03 121856]
S3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [21.8.2011 21:28 16080]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [23.12.2009 20:07 14336]
S4 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [21.8.2011 21:28 239600]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - PXHELP20
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezGOSvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-22 c:\windows\Tasks\ASC4_PerformanceMonitor.job
- c:\program files\IObit\Advanced SystemCare 4\PMonitor.exe [2011-04-25 14:54]
.
2011-08-22 c:\windows\Tasks\Game_Booster_Startup.job
- c:\program files\IObit\Game Booster\gbtray.exe [2011-03-07 15:20]
.
2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 09:19]
.
2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-12 09:19]
.
2011-08-22 c:\windows\Tasks\Norton Security Scan for Martin.job
- c:\progra~1\NORTON~2\Engine\351~1.6\Nss.exe [2011-08-21 11:19]
.
2011-08-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-18.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-18.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
2011-08-22 c:\windows\Tasks\SmartDefrag_Startup.job
- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-03-07 16:34]
.
2011-08-22 c:\windows\Tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 11:31]
.
.
------- Doplňkový sken -------
.
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 81.200.48.12 81.200.48.11
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-22 20:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c2,af,69,55,39,7f,72,41,8b,fa,a3,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c2,af,69,55,39,7f,72,41,8b,fa,a3,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(380)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Celkový čas: 2011-08-22 20:49:11
ComboFix-quarantined-files.txt 2011-08-22 18:49
ComboFix2.txt 2011-08-22 17:21
ComboFix3.txt 2011-08-22 14:48
ComboFix4.txt 2011-08-22 13:34
ComboFix5.txt 2011-08-22 18:36
.
Před spuštěním: Volných bajtů: 52 084 457 472
Po spuštění: Volných bajtů: 52 073 922 560
.
Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - CC477C99A8DEE449944267242B948944

[vyosek]

A vy s tim ComboFixem umite pracovat - aplikovat, vylustit log, napsat docistovaci skript

vy jste jej spoustel nekolikrat ze To je zcela zbytecne Zabalte mi do raru vsechny jeho logy (ComboFix.txt, ComboFix(cislo).txt) a uploadnete mi je sem http://leteckaposta.cz/

[Morfusof]

Bude problém když je už nemám?

[vyosek]

To jste opravdu sikula

Odinstalujte IObit Malware Fighter, Advanced SystemCare 4 a nasledne i vse od IObit - jsou to cinske smejdy a spise jen skodi

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  RegLock::
  [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
  
  Folder::
  c:\program files\IObit
  c:\program files\ICQ6Toolbar
  c:\program files\Application Updater
  c:\windows\update.tray-7-0
  c:\windows\update.tray-7-0-lnk
  c:\program files\IObit Toolbar
  c:\windows\ufa
  c:\windows\update.7.1
  c:\windows\av_ico
  c:\windows\update.tray-14-0-lnk
  c:\windows\update.tray-14-0
  c:\program files\Common Files\Spigot
  
  File::
  c:\windows\unrar.exe
  C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\searchplugins\icqplugin.xml
  C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
  C:\WINDOWS\tasks\Game_Booster_Startup.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  C:\WINDOWS\tasks\Norton Security Scan for Martin.job
  C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
  C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
  C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
  C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
  C:\WINDOWS\tasks\SmartDefrag_Startup.job
  C:\WINDOWS\tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job
  
  Driver::
  IMFservice
  MpKsl02a4c5f2
  MpKsl18fd8477
  MpKsl1ffc1343
  MpKsl33c073ba
  MpKsl45950d0f
  MpKsl7321aae8
  MpKsl78801b45
  MpKsl7b79358d
  MpKsl7c641e3a
  MpKsl8fd6126c
  MpKsla0de8851
  MpKsla196c1a8
  MpKslf945f4d5
  MpKslfec944e1
  AdvancedSystemCareService
  Application Updater
  gupdate
  ICQ Service
  gupdatem
  FileMonitor
  
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "TkBellExe"=-
  "SearchSettings"=-
  "SunJavaUpdateSched"=-
  "Adobe ARM"=-
  "IObit Malware Fighter"=-
  [HKEY_LOCAL_MACHINE\software\microsoft\security center]
  "FirewallOverride"=dword:00000000
  "DisableThumbnailCache"=dword:00000000
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
  "5985:TCP"=-
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[Morfusof]

Jen ještě maličkost?Udělal jsem vše podle návodu a na ploše jsem chtěl CFScript.txt dát do Combofix tak to ještě šlo ale po chvilce mi naskočila modrá obrazovka z chybou a že jak to je poprve tak restartněte,tak jsem to zkusil ještě a pořád to samé a pak jsem to zkusil v nouzovém režimu a vylezlo mi ztoho toho ,tak doufám že jsem něco zase neposral

ComboFix 11-08-22.04 - Martin 23.08.2011 1:08:36.11.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1014.683 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Martin\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Martin\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FILE ::
"C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\searchplugins\icqplugin.xml"
"C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job"
"C:\WINDOWS\tasks\Game_Booster_Startup.job"
"C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job"
"C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job"
"C:\WINDOWS\tasks\Norton Security Scan for Martin.job"
"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job"
"C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job"
"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job"
"C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job"
"C:\WINDOWS\tasks\SmartDefrag_Startup.job"
"C:\WINDOWS\tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job"
"c:\windows\unrar.exe"


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


c:\program files\Common Files\Spigot
c:\program files\Common Files\Spigot\Search Settings(2)\yahoo_ff.xml
c:\program files\Common Files\Spigot\Search Settings(2)\yahoo_ie.xml
c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5
c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 3\License.dat
c:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstal.exe
c:\program files\IObit\Advanced SystemCare 4\bugreport.txt
c:\program files\IObit\Advanced SystemCare 4\Config.ini
c:\program files\IObit\Advanced SystemCare 4\feedback.log
c:\program files\IObit\Advanced SystemCare 4\checkinfo.txt
c:\program files\IObit\Advanced SystemCare 4\LatestNews\imagenews.png
c:\program files\IObit\Advanced SystemCare 4\LatestNews\LatestNews.ini
c:\program files\IObit\Advanced SystemCare 4\License.dat
c:\program files\IObit\Advanced SystemCare 4\SecurityHoles_Download\dotnetfx35langpack.exe
c:\program files\IObit\Advanced SystemCare 4\SecurityHolesScanner\Update.dat
c:\program files\IObit\Advanced SystemCare 4\services.ini
c:\program files\IObit\Advanced SystemCare 4\shconfig.ini
c:\program files\IObit\Advanced SystemCare 4\tb.dat
c:\program files\IObit\Advanced SystemCare 4\TBconfig.ini
c:\program files\IObit\Advanced SystemCare 4\temp\ndp20sp2-kb2539631-x86.exe
c:\program files\IObit\Advanced SystemCare 4\temp\netfx3-kb928416-v3.0-x86-csy.exe
c:\program files\IObit\Advanced SystemCare 4\temp\rootsupd.exe
c:\program files\IObit\Advanced SystemCare 4\temp\windowsxp-kb2536276-v2-x86-csy.exe
c:\program files\IObit\Advanced SystemCare 4\temp\windowsxp-kb2567680-x86-csy.exe
c:\program files\IObit\Advanced SystemCare 4\temp\windowsxp-kb2570222-x86-csy.exe
c:\program files\IObit\Advanced SystemCare 4\Update\Update.Ini
c:\program files\IObit\Game Booster\LatestNews\imagenews.png
c:\program files\IObit\Game Booster\LatestNews\LatestNews.ini
c:\program files\IObit\Game Booster\license.dat
c:\program files\IObit\Game Booster\Update\Update.Ini
c:\program files\IObit\IObit Malware Fighter\license.dat
c:\program files\IObit\IObit Malware Fighter\ProtectorLog.log
c:\program files\IObit\IObit Security 360\IS360DataBase.db
c:\program files\IObit\IObit Security 360\log\Scan\2011-05-09 16-22-58.log
c:\program files\IObit\IObit Security 360\log\Scan\2011-06-06 21-44-11.log
c:\program files\IObit\IObit Security 360\log\Scan\2011-08-21 10-41-37.log
c:\program files\IObit\IObit Security 360\log\Scan\2011-08-21 12-52-23.log
c:\program files\IObit\IObit Security 360\Quarantine Zone\cryjqerz
c:\program files\IObit\IObit Security 360\Quarantine Zone\info.db
c:\program files\IObit\IObit Security 360\Quarantine Zone\kplvnqrv
c:\program files\IObit\IObit Security 360\UpdateLog.txt
c:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragBootTime.exe
c:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragDriver.sys
c:\program files\IObit\Smart Defrag 2\Freeware\Languages\Inno_English.lng
c:\program files\IObit\Smart Defrag 2\Language\English.lng
c:\program files\IObit\Smart Defrag 2\Language\Turkish.lng
c:\program files\IObit\Smart Defrag 2\LatestNews\LatestNews.ini
c:\program files\IObit\Smart Defrag 2\madbasic_.bpl
c:\program files\IObit\Smart Defrag 2\maddisAsm_.bpl
c:\program files\IObit\Smart Defrag 2\madexcept_.bpl
c:\program files\IObit\Smart Defrag 2\NtfsData.dll
c:\program files\IObit\Smart Defrag 2\rtl120.bpl
c:\program files\IObit\Smart Defrag 2\SDDriverMgr.dll
c:\program files\IObit\Smart Defrag 2\SDInit.exe
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Center.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnDivider.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnHeader.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Bottom.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Hide.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Checked.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Unchecked.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Item_Selected.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Layout.ini
c:\program files\IObit\Smart Defrag 2\Skins\Black\line.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Logo.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\News_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Page_Body.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Setting_Text_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Show.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Statistics.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Title.png
c:\program files\IObit\Smart Defrag 2\Skins\Black\Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Add_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Center.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Close_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Close_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\ColumnDivider.png
c:\program files\IObit\Smart Defrag 2\Skins\White\ColumnHeader.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Bottom.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Top.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Hide.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Checked.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Unchecked.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Item_Selected.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Layout.ini
c:\program files\IObit\Smart Defrag 2\Skins\White\line.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Logo.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\News_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Page_Body.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Left.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Middle.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Right.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Setting_Text_Shadow.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Show.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Statistics.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Disable.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Focus.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Hot.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Normal.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Title.png
c:\program files\IObit\Smart Defrag 2\Skins\White\Top.png
c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files\IObit\Smart Defrag 2\taskMgr.dll
c:\program files\IObit\Smart Defrag 2\TaskSchedule.exe
c:\program files\IObit\Smart Defrag 2\unins000.dat
c:\program files\IObit\Smart Defrag 2\unins000.exe
c:\program files\IObit\Smart Defrag 2\unins000.msg
c:\program files\IObit\Smart Defrag 2\vcl120.bpl
c:\program files\IObit\Smart Defrag 2\vclx120.bpl
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_Essentials_start.ico
c:\windows\ufa
c:\windows\update.7.1
c:\windows\update.tray-14-0-lnk
c:\windows\update.tray-14-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_GUPDATE
-------\Legacy_ICQ_SERVICE
-------\Legacy_MPKSL02A4C5F2
-------\Legacy_MPKSL18FD8477
-------\Legacy_MPKSL1FFC1343
-------\Legacy_MPKSL33C073BA
-------\Legacy_MPKSL45950D0F
-------\Legacy_MPKSL7321AAE8
-------\Legacy_MPKSL78801B45
-------\Legacy_MPKSL7B79358D
-------\Legacy_MPKSL7C641E3A
-------\Legacy_MPKSL8FD6126C
-------\Legacy_MPKSLA0DE8851
-------\Legacy_MPKSLA196C1A8
-------\Legacy_MPKSLF945F4D5
-------\Legacy_MPKSLFEC944E1
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_ICQ Service
-------\Service_MpKsl02a4c5f2
-------\Service_MpKsl18fd8477
-------\Service_MpKsl1ffc1343
-------\Service_MpKsl33c073ba
-------\Service_MpKsl45950d0f
-------\Service_MpKsl7321aae8
-------\Service_MpKsl78801b45
-------\Service_MpKsl7b79358d
-------\Service_MpKsl7c641e3a
-------\Service_MpKsl8fd6126c
-------\Service_MpKsla0de8851
-------\Service_MpKsla196c1a8
-------\Service_MpKslf945f4d5
-------\Service_MpKslfec944e1


((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))


2011-08-22 21:11:50 . 2011-08-22 21:11:50 -------- d-----w- C:\rsit
2011-08-22 20:21:01 . 2011-08-22 21:12:06 -------- d-----w- C:\Program Files\trend micro
2011-08-22 15:43:15 . 2008-04-14 12:00:00 185344 -c--a-w- C:\WINDOWS\system32\dllcache\thawbrkr.dll
2011-08-22 15:43:15 . 2008-04-14 12:00:00 185344 ----a-w- C:\WINDOWS\system32\Thawbrkr.dll
2011-08-22 15:43:12 . 2008-04-14 12:00:00 10752 -c--a-w- C:\WINDOWS\system32\dllcache\c_iscii.dll
2011-08-22 15:43:12 . 2008-04-14 12:00:00 10752 ----a-w- C:\WINDOWS\system32\c_iscii.dll
2011-08-22 15:43:08 . 2008-04-14 12:00:00 5632 -c--a-w- C:\WINDOWS\system32\dllcache\kbdusa.dll
2011-08-22 15:43:08 . 2008-04-14 12:00:00 5632 ----a-w- C:\WINDOWS\system32\kbdusa.dll
2011-08-22 15:42:54 . 2008-04-14 12:00:00 6144 -c--a-w- C:\WINDOWS\system32\dllcache\ftlx041e.dll
2011-08-22 15:42:54 . 2008-04-14 12:00:00 6144 ----a-w- C:\WINDOWS\system32\ftlx041e.dll
2011-08-22 15:42:51 . 2008-04-14 12:00:00 19456 -c--a-w- C:\WINDOWS\system32\dllcache\agt0401.dll
2011-08-22 15:42:50 . 2008-04-14 12:00:00 19456 -c--a-w- C:\WINDOWS\system32\dllcache\agt040d.dll
2011-08-21 18:15:06 . 2011-08-21 18:15:06 -------- d-----w- C:\Documents and Settings\Martin\Local Settings\Data aplikací\Temp
2011-08-21 16:55:27 . 2011-08-21 16:58:48 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2011-08-21 16:55:10 . 2011-08-21 16:55:10 -------- d-----w- C:\WINDOWS\system32\drivers\NSS
2011-08-21 16:55:09 . 2011-08-21 16:55:10 -------- d-----w- C:\Program Files\Norton Security Scan
2011-08-21 16:55:08 . 2011-08-21 16:55:09 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-21 16:55:04 . 2011-08-21 16:55:04 -------- d-----w- C:\Program Files\NortonInstaller
2011-08-21 16:50:38 . 2011-08-21 16:50:38 -------- d-----w- C:\WINDOWS\system32\Adobe
2011-08-21 16:47:34 . 2011-08-21 16:47:34 -------- d-----w- C:\Program Files\Common Files\Java
2011-08-21 15:22:42 . 2011-08-21 15:31:46 404640 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2011-08-21 13:32:26 . 2011-07-04 11:36:32 309848 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys
2011-08-21 13:32:26 . 2011-07-04 11:32:12 19544 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-08-21 13:32:25 . 2011-07-04 11:35:23 43608 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-08-21 13:32:25 . 2011-07-04 11:32:32 25432 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-08-21 13:32:24 . 2011-07-04 11:36:43 441176 ----a-w- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-08-21 13:32:24 . 2011-07-04 11:35:12 102616 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-08-21 13:32:24 . 2011-07-04 11:35:09 96344 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys
2011-08-21 13:32:24 . 2011-07-04 11:32:13 30808 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-08-21 13:32:09 . 2011-07-04 11:43:53 40112 ----a-w- C:\WINDOWS\avastSS.scr
2011-08-21 13:32:07 . 2011-07-04 11:43:51 199304 ----a-w- C:\WINDOWS\system32\aswBoot.exe
2011-08-21 12:23:26 . 2011-08-21 13:31:50 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-21 12:23:26 . 2011-08-21 12:23:26 -------- d-----w- C:\Program Files\AVAST Software
2011-08-21 11:15:31 . 2011-08-21 11:15:31 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\!SASCORE
2011-08-21 11:15:25 . 2011-08-21 19:00:03 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-08-21 11:15:25 . 2011-08-21 11:15:25 -------- dc----w- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-08-21 10:33:10 . 2011-08-21 10:40:45 -------- dc----w- C:\3d17dadf973743a5c3baa68a8bd9
2011-08-21 10:26:27 . 2011-08-21 10:26:27 -------- d-----w- C:\WINDOWS\system32\wbem\Repository
2011-08-21 10:26:00 . 2011-08-21 10:26:00 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-08-21 08:43:34 . 2011-08-21 10:26:07 -------- d-----w- C:\Program Files\IObit Toolbar(2)
2011-08-21 08:32:41 . 2011-08-21 10:26:11 -------- dcs---w- C:\Documents and Settings\Administrator
2011-08-20 10:54:01 . 2011-08-20 10:54:01 -------- d-----r- C:\Documents and Settings\LocalService\Oblíbené položky
2011-08-20 10:33:33 . 2011-08-20 10:39:43 246272 ----a-w- C:\WINDOWS\unrar.exe
2011-08-20 10:04:48 . 2011-08-20 10:04:48 -------- d-----w- C:\Documents and Settings\LocalService\Nabídka Start
2011-08-19 19:05:26 . 2011-08-12 02:44:27 7152464 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{BB829CA1-809F-47E4-A37C-3D58FFBF025D}\mpengine.dll
2011-08-09 13:35:39 . 2011-07-13 03:39:01 6881616 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-07-25 16:15:52 . 2011-05-28 10:48:17 718208 ----a-w- C:\WINDOWS\system32\ezGOSvcApp.exe
2011-07-25 16:15:51 . 2011-05-28 10:48:17 73600 ----a-w- C:\WINDOWS\system32\ezGOSvc.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-08-12 02:44:27 . 2010-10-01 12:48:32 7152464 -c--a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-15 13:29:31 . 2009-12-23 18:07:13 456320 ----a-w- C:\WINDOWS\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 . 2009-12-23 18:07:14 10496 ----a-w- C:\WINDOWS\system32\drivers\ndistapi.sys
2011-06-29 18:06:59 . 2011-06-29 18:06:59 47360 ----a-w- C:\WINDOWS\system32\drivers\pcouffin.sys
2011-06-24 14:10:39 . 2009-12-24 02:16:41 139656 ----a-w- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-06-23 18:31:31 . 2009-12-23 18:07:19 916480 ----a-w- C:\WINDOWS\system32\wininet.dll
2011-06-23 18:31:30 . 2009-12-23 18:07:13 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2011-06-23 18:31:30 . 2009-12-23 18:07:12 1469440 ----a-w- C:\WINDOWS\system32\inetcpl.cpl
2011-06-23 12:05:34 . 2009-12-23 18:07:12 385024 ----a-w- C:\WINDOWS\system32\html.iec
2011-06-20 17:44:52 . 2009-12-23 18:07:19 293376 ----a-w- C:\WINDOWS\system32\winsrv.dll
2011-06-06 11:35:21 . 2009-12-23 18:07:19 1858944 ----a-w- C:\WINDOWS\system32\win32k.sys
2011-08-17 16:30:18 . 2011-04-05 13:04:59 134104 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


((((((((((((((((((((((((((((( SnapShot_2011-08-22_17.18.43 )))))))))))))))))))))))))))))))))))))))))

+ 2011-08-22 23:19:53 . 2011-08-22 23:19:53 16384 C:\WINDOWS\temp\Perflib_Perfdata_7b0.dat
+ 2009-12-23 18:07:16 . 2011-08-22 23:21:51 78448 C:\WINDOWS\system32\perfc009.dat
+ 2009-12-23 18:07:23 . 2011-08-22 23:21:51 91326 C:\WINDOWS\system32\perfc005.dat
+ 2009-12-23 18:07:16 . 2011-08-22 23:21:51 457574 C:\WINDOWS\system32\perfh009.dat
+ 2009-12-23 18:07:23 . 2011-08-22 23:21:51 453640 C:\WINDOWS\system32\perfh005.dat

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43:46 122512 ----a-w- C:\Program Files\AVAST Software\Avast\ashShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EasyBits GO"="C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe" [2011-05-28 10:48:06 423296]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2011-06-15 13:02:58 15141768]
"ICQ"="C:\Program Files\ICQ7.5\ICQ.exe" [2011-08-01 08:28:16 124480]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 12:00:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynAsusAcpi"="C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-11-19 13:44:14 83240]
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe" [2011-07-04 11:43:54 3493720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 12:00:00 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 23:44:24 435096]

C:\Documents and Settings\Martin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ScreenShots.lnk - C:\Program Files\ScreenShots\ScreenShots.exe [2006-8-14 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableSecureUIAPaths"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 00:02:18 113024]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54:14 551296 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 23:45:00 3883840 ----a-w- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"C:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"C:\\Program Files\\ICQ7.5\\ICQ.exe"=
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"C:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Winamp\\winamp.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

R0 a347bus;a347bus;C:\WINDOWS\system32\drivers\a347bus.sys [29.11.2010 21:14:55 160640]
R0 a347scsi;a347scsi;C:\WINDOWS\system32\drivers\a347scsi.sys [29.11.2010 21:14:55 5248]
R0 SmartDefragDriver;SmartDefragDriver;C:\WINDOWS\system32\drivers\SmartDefragDriver.sys [7.3.2011 21:31:06 14776]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [29.11.2010 20:39:12 685816]
R1 AsUpIO;AsUpIO;C:\WINDOWS\system32\drivers\AsUpIO.sys [18.3.2010 1:51:56 11448]
R1 aswSnx;aswSnx;C:\WINDOWS\system32\drivers\aswSnx.sys [21.8.2011 15:32:24 441176]
R1 aswSP;aswSP;C:\WINDOWS\system32\drivers\aswSP.sys [21.8.2011 15:32:26 309848]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 18:27:02 12880]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 23:55:22 67664]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\drivers\aswFsBlk.sys [21.8.2011 15:32:26 19544]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [8.1.2011 21:02:48 233472]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [8.1.2011 21:02:48 36608]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;C:\WINDOWS\system32\drivers\l1c51x86.sys [3.11.2009 10:34:21 44032]
R3 rtsuvc;Realtek USB2.0 PC Camera;C:\WINDOWS\system32\drivers\rtsuvc.sys [2.9.2010 22:50:03 73088]
S3 Ambfilt;Ambfilt;C:\WINDOWS\system32\drivers\Ambfilt.sys [2.9.2010 22:49:06 1691480]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [8.1.2011 21:03:17 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [8.1.2011 21:03:17 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [8.1.2011 21:03:17 121856]
S3 WinRM;Windows Remote Management (WS-Management);C:\WINDOWS\system32\svchost.exe -k WINRM [23.12.2009 20:07:19 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezGOSvc

Obsah adresáře 'Naplánované úlohy'

2011-08-22 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-12 09:19:59 . 2011-06-12 09:19:49]

2011-08-22 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-12 09:19:59 . 2011-06-12 09:19:49]

2011-08-22 C:\WINDOWS\Tasks\Norton Security Scan for Martin.job
- C:\PROGRA~1\NORTON~2\Engine\351~1.6\Nss.exe [2011-08-21 16:55:11 . 2011-06-28 11:19:42]

2011-08-22 C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-18.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33:50 . 2010-11-05 10:33:50]

2011-08-22 C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33:50 . 2010-11-05 10:33:50]

2011-08-21 C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-18.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33:50 . 2010-11-05 10:33:50]

2011-08-22 C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33:50 . 2010-11-05 10:33:50]

2011-08-22 C:\WINDOWS\Tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job
- C:\WINDOWS\system32\msfeedssync.exe [2009-03-08 11:31:54 . 2009-03-08 11:31:54]


------- Doplňkový sken -------

uStart Page = hxxp://cz.ikariam.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedie (cs)
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - prefs.js: network.proxy.type - 0
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs
*/
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1309734401
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1309734521
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1309734281
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1309286499
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1301922456
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1309783617
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.audioFeeds.handler - reader
FF - user.js: browser.audioFeeds.handler.default - client
FF - user.js: browser.audioFeeds.handlers.application - C:\\Program Files\\Winamp\\winamp.exe
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 256000
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.dir - C:\\Documents and Settings\\Martin\\Dokumenty\\Programy z netu
FF - user.js: browser.download.folderList - 2
FF - user.js: browser.download.lastDir - C:\\Documents and Settings\\Martin\\Plocha
FF - user.js: browser.download.save_converter_index - 3
FF - user.js: browser.feeds.showFirstRunUI - false
FF - user.js: browser.history_expire_days.mirror - 180
FF - user.js: browser.migration.version - 5
FF - user.js: browser.offline - false
FF - user.js: browser.places.smartBookmarksVersion - 2
FF - user.js: browser.preferences.advanced.selectedTabIndex - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.defaultenginename - ICQ Search
FF - user.js: browser.search.param.yahoo-fr - chr-greentree_ff&type=685749
FF - user.js: browser.search.selectedEngine - Wikipedie (cs)
FF - user.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: browser.startup.homepage_override.buildID - 20110615151330
FF - user.js: browser.startup.homepage_override.mstone - rv:5.0
FF - user.js: browser.startup.page - 3
FF - user.js: browser.videoFeeds.handler - reader
FF - user.js: browser.videoFeeds.handler.default - client
FF - user.js: browser.videoFeeds.handlers.application - C:\\Program Files\\Real\\RealPlayer\\realplay.exe
FF - user.js: browser.visited_color - #800080
FF - user.js: extensions.blocklist.pingCountTotal - 73
FF - user.js: extensions.blocklist.pingCountVersion - 11
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 3
FF - user.js: extensions.enabledAddons - jqs@sun.com:1.0,{ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.19,{1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.4,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,iobit@mybrowserbar.com:4.5,wtxpcom@mybrowserbar.com:4.5,{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:5.0
FF - user.js: extensions.enabledItems - {20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1,{ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,jqs@sun.com:1.0,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48,{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1,{1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - user.js: extensions.foxcub.addedModules -
FF - user.js: extensions.foxcub.config.encodedConfig - {\core\:{\configUrl\:\hxxp://download.seznam.cz/software/conf/\,\updateUrl\:\http://download.seznam.cz/software/conf ... f\,\domain\:[\seznam.cz\,\email.cz\,\spoluzaci.cz\,\post.cz\,\stream.cz\,\centrum.cz\,\vol.cz\,\volny.cz\,\gmail.com\,\atlas.cz\,\windowslive.com\,\inmail.sk\,\tiscali.cz\]},\email::centrum.cz\:{\server\:\pop3.centrum.cz:110\,\mode\:\pop3\,\compose\:\https://user.centrum.cz/??ego_user=${jm ... os}\,\site\:[\Google\,\Bing\,\Yahoo\,\Jyxo\,\Centrum\,\Morfeo\,\Ask\]},\highlight\:{\site\:[\Google\,\Seznam\,\Firmy\,\Encyklopedie\,\Bing\,\Yahoo\,\Jyxo\,\Centrum\,\Morfeo\,\Ask\]}}
FF - user.js: extensions.foxcub.config.lastUpdate - 1309783515830
FF - user.js: extensions.foxcub.homepage.address - hxxp://www.seznam.cz
FF - user.js: extensions.foxcub.homepage.state - 0
FF - user.js: extensions.foxcub.instance.id - 0401FBC3C5AD91F54B2C84E5B5873566628046806E68
FF - user.js: extensions.foxcub.instance.upgraded - false
FF - user.js: extensions.foxcub.instance.version - 2.0.10
FF - user.js: extensions.foxcub.logging.toFFConsole - false
FF - user.js: extensions.foxcub.logging.toFile - false
FF - user.js: extensions.foxcub.logging.toWin - false
FF - user.js: extensions.foxcub.mail.accountsBckp - {\m12ed0153618m6d\:{\login\:\o\,\username\:\o\,\domain\:\def_seznam.cz\,\password\:\mdvqm}67?\,\md5\:false,\passwordSave\:true,\fullName\:\o@seznam.cz\,\pop3ids\:[],\imapids\:[],\timestamp\:1309783472,\loginChanged\:false,\fullNameChanged\:false,\active\:true},\m12ed0166ddam90\:{\login\:\p\,\username\:p\,\domain\:\def_seznam.cz\,\password\:\hxwm`do\,\md5\:false,\passwordSave\:true,\fullName\:\p@seznam.cz\,\pop3ids\:[],\imapids\:[],\timestamp\:1305764394,\loginChanged\:false,\fullNameChanged\:false,\active\:true,\dblclickAccount\:true}}
FF - user.js: extensions.foxcub.mail.accountsDomains - {\def_seznam.cz\:{\name\:\seznam.cz\,\id\:\def_seznam.cz\,\attrs\:{\mode\:\biff\,\server\:\hxxp://notify.seznam.cz:80/RPC2\,\compose\:\http://email.seznam.cz/gate?pageId=comp ... f_Vodafone SMS\:{\name\:\Vodafone SMS\,\id\:\def_Vodafone SMS\,\attrs\:{\mode\:\off\,\server\:\\,\compose\:\https://samoobsluha.vodafone.cz/login.p ... ail}\,\ssl\:\\}}}
FF - user.js: extensions.foxcub.mail.accountsTimestamps - {\m12bc4b6adbbm1\:1300463759,\m12bc4b7f678m1\:1300402755}
FF - user.js: extensions.foxcub.mail.conf.lastCheck - 1309788242
FF - user.js: extensions.foxcub.mail.conf.lastIncome - 1309783515
FF - user.js: extensions.foxcub.mail.conf.weekIncome - 13
FF - user.js: extensions.foxcub.mail.enable - true
FF - user.js: extensions.foxcub.mail.optionchanged - false
FF - user.js: extensions.foxcub.prev.HP -
FF - user.js: extensions.foxcub.prev.KWD -
FF - user.js: extensions.foxcub.prev.search.selected -
FF - user.js: extensions.foxcub.release - 1
FF - user.js: extensions.foxcub.serachModules.inited - 0
FF - user.js: extensions.foxcub.speedDial.enabled - true
FF - user.js: extensions.foxcub.speedDial.items - [{\url\:\hxxp://www.uloz.to/\,\title\:\Uloz.to! - stahov\\u00e1n\\u00ed z rapidshare,ulozto, stahuj, sd\\u00edlej, obr\\u00e1zky, online video, na mobil\,\bookmarkId\:527,\bookmarkIndex\:7,\type\:\simple\},{\url\:\http://translate.google.com/#en|cs|\,\t ... ada\\u010d Google\,\bookmarkId\:563,\bookmarkIndex\:3,\type\:\simple\},{\url\:\http://www.ikariam.cz/\,\title\:\Ikaria ... \:\Ikariam - The free browser game\,\bookmarkId\:561,\bookmarkIndex\:5,\type\:\simple\},{\url\:\http://www.csfd.cz/\,\title\:\\\u010ces ... nsk\\u00e1 filmov\\u00e1 datab\\u00e1ze | \\u010cSFD.cz\,\bookmarkId\:505,\bookmarkIndex\:9,\type\:\simple\},{\url\:\http://sk.aukro.cz/\,\title\:\Aukro - Aukce OnLine\,\bookmarkId\:550,\bookmarkIndex\:6,\type\:\simple\},{\url\:\https://www.tipsport.cz/webtip-sandbox/ ... :\Tipsport - kursov\\u00e9 s\\u00e1zky\,\bookmarkId\:607,\bookmarkIndex\:2,\type\:\simple\},{\url\:\http://www.pop-art.cz/AhxPagFltCat.aspx ... \:\POP-ART, Dokumenty a obr\\u00e1zky n\\u00e1hrad\\u00edho d\\u00edlu\,\bookmarkId\:640,\bookmarkIndex\:1,\type\:\simple\},{\url\:\http://www.meteocentrum.cz/predpoved-po ... \:\YouTube - Broadcast Yourself.\,\bookmarkId\:435,\bookmarkIndex\:12,\type\:\simple\},{\url\:\http://www.hcocelari.cz/\,\title\:\HC Ocel\\u00e1\\u0159i T\\u0159inec \\u00bb ofici\\u00e1ln\\u00ed internetov\\u00e9 str\\u00e1nky\,\bookmarkId\:516,\bookmarkIndex\:8,\type\:\simple\},{\url\:\http://yowindow.com/online.html#tf=24&u ... \u0159inec - Living Weather!\,\bookmarkId\:468,\bookmarkIndex\:10,\type\:\simple\},{\url\:\http://net.t.cz/index.php?menuid=1\,\ti ... e\:\SMS.cz - bu\\u010f v pohod\\u011b\,\bookmarkId\:424,\bookmarkIndex\:13,\type\:\simple\},{\url\:\http://t.czt.net/t\,\title\:\Cz - 1. CZ Free - Seznam t\\u016f\,\bookmarkId\:413,\bookmarkIndex\:14,\type\:\simple\}]
FF - user.js: extensions.foxcub.speedDial.pageType - small
FF - user.js: extensions.foxcub.srank.enabled - true
FF - user.js: extensions.foxcub.srank.textEnabled - true
FF - user.js: extensions.foxcub.toolbar.enabled - false
FF - user.js: extensions.foxcub.translation.active - false
FF - user.js: extensions.foxcub.translation.delay - 3000
FF - user.js: extensions.foxcub.translation.direction - true
FF - user.js: extensions.foxcub.translation.enabled - true
FF - user.js: extensions.foxcub.translation.highlight - true
FF - user.js: extensions.foxcub.translation.language - en
FF - user.js: extensions.foxcub.translation.popup - true
FF - user.js: extensions.foxcub.translation.shownothing - false
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{20a82645-c095-46ed-80e3-08825760534b}\:{\descriptor\:\C:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\,\mtime\:1286086705187},\Cetrumcz@igeared\:{\descriptor\:\C:\\\\Program Files\\\\CentrumczToolbar\\\\Firefox\\\\Cetrumcz@igeared\,\mtime\:1283580861531},\bkmrksync@nokia.com\:{\descriptor\:\C:\\\\Program Files\\\\Nokia\\\\Nokia PC Suite 7\\\\bkmrksync\,\mtime\:1293666682109},\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}\:{\descriptor\:\C:\\\\Program Files\\\\Nokia\\\\Nokia Ovi Suite\\\\Connectors\\\\Bookmarks Connector\\\\FirefoxExtension\,\mtime\:1294773001703},\{ABDE892B-13A8-4d1b-88E6-365A6E755758}\:{\descriptor\:\C:\\\\Documents and Settings\\\\All Users\\\\Data aplikacĂ­\\\\Real\\\\RealPlayer\\\\BrowserRecordPlugin\\\\Firefox\\\\Ext\,\mtime\:1295189985343},\jqs@sun.com\:{\descriptor\:\C:\\\\Program Files\\\\Java\\\\jre6\\\\lib\\\\deploy\\\\jqs\\\\ff\,\mtime\:1290326234781}}},{\name\:\app-global\,\addons\:{\iobit@mybrowserbar.com\:{\descriptor\:\C:\\\\Program Files\\\\IObit Toolbar\\\\FF\,\mtime\:1309511019500},\wtxpcom@mybrowserbar.com\:{\descriptor\:\C:\\\\Program Files\\\\Common Files\\\\Spigot\\\\wtxpcom\,\mtime\:1309533756781},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1308774912687},\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\,\mtime\:1290326254234},\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\,\mtime\:1292509268187},\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\:{\descriptor\:\C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\,\mtime\:1298101887500}}},{\name\:\app-profile\,\addons\:{\{1018e4d6-728f-4b20-ad56-37578a4de76b}\:{\descriptor\:\C:\\\\Documents and Settings\\\\Martin\\\\Data aplikacĂ­\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hky34qda.default\\\\extensions\\\\{1018e4d6-728f-4b20-ad56-37578a4de76b}\,\mtime\:1308397410765},\{20a82645-c095-46ed-80e3-08825760534b}\:{\descriptor\:\C:\\\\Documents and Settings\\\\Martin\\\\Data aplikacĂ­\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hky34qda.default\\\\extensions\\\\{20a82645-c095-46ed-80e3-08825760534b}\,\mtime\:1286203250296},\{800b5000-a755-47e1-992b-48a1c1357f07}\:{\descriptor\:\C:\\\\Documents and Settings\\\\Martin\\\\Data aplikacĂ­\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hky34qda.default\\\\extensions\\\\{800b5000-a755-47e1-992b-48a1c1357f07}\,\mtime\:1308577724939},\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\:{\descriptor\:\C:\\\\Documents and Settings\\\\Martin\\\\Data aplikacĂ­\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hky34qda.default\\\\extensions\\\\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi\,\mtime\:1309783483937},\{ea614400-e918-4741-9a97-7a972ff7c30b}\:{\descriptor\:\C:\\\\Documents and Settings\\\\Martin\\\\Data aplikacĂ­\\\\Mozilla\\\\Firefox\\\\Profiles\\\\hky34qda.default\\\\extensions\\\\{ea614400-e918-4741-9a97-7a972ff7c30b}\,\mtime\:1308234552519}}}]
FF - user.js: extensions.lastAppVersion - 5.0
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.update.notifyUser - false
FF - user.js: flagfox.warn.tld - disabled
FF - user.js: font.size.variable.x-central-euro - 15
FF - user.js: general.useragent.extra.microsoftdotnet - ( .NET CLR 3.5.30729)
FF - user.js: gfx.blacklist.direct2d - 2
FF - user.js: gfx.blacklist.layers.direct3d10 - 2
FF - user.js: gfx.blacklist.layers.direct3d10-1 - 2
FF - user.js: greasemonkey.enabled - false
FF - user.js: greasemonkey.haveInsertedToolbarbutton - true
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.FogEndTime - 06:50
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.FogStartTime - 03:18
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.LastWeatherCalculation - 6/11/2010
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.RainEndTime - 13:08
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.RainStartTime - 13:06
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.SnowEndTime - false
FF - user.js: greasemonkey.scriptvals.Ikarium Solarium/Ikariam Solarium.SnowStartTime - false
FF - user.js: greasemonkey.scriptvals.hxxp://userscripts.org/scripts/show/49151/Ikariam Aide-Memoire (Generals Score).ScriptUpdater_versionAvailable - 1.0.8b
FF - user.js: greasemonkey.scriptvals.hxxp://userscripts.org/scripts/show/49151/Ikariam Aide-Memoire (Generals Score).ScriptUpdator.lastCheck_49151 - 1283540193051
FF - user.js: greasemonkey.scriptvals.hxxp://userscripts.org/scripts/show/49151/Ikariam Aide-Memoire (Generals Score).ScriptUpdator.versionsOfferedFor_49151 - [\1.0.8b\]
FF - user.js: greasemonkey.scriptvals.hxxp://userscripts.org/scripts/show/49151/Ikariam Aide-Memoire (Generals Score).cz.s5.lastIsland - 447
FF - user.js: greasemonkey.scriptvals.hxxp://www.home.org/ikariam/military/Ikariam Military.Cache.s5.cz.ikariam.com. - {\trp\:[{\tip\:\phalanx\,\qty\:0},{\tip\:\steamgiant\,\qty\:70},{\tip\:\spearman\,\qty\:0},{\tip\:\swordsman\,\qty\:0},{\tip\:\slinger\,\qty\:0},{\tip\:\archer\,\qty\:0},{\tip\:\marksman\,\qty\:49},{\tip\:\ram\,\qty\:0},{\tip\:\catapult\,\qty\:0},{\tip\:\mortar\,\qty\:18},{\tip\:\gyrocopter\,\qty\:0},{\tip\:\bombardier\,\qty\:0},{\tip\:\cook\,\qty\:5},{\tip\:\medic\,\qty\:0}],\shp\:[{\tip\:\ship_ram\,\qty\:0},{\tip\:\ship_flamethrower\,\qty\:0},{\tip\:\ship_steamboat\,\qty\:1},{\tip\:\ship_ballista\,\qty\:0},{\tip\:\ship_catapult\,\qty\:0},{\tip\:\ship_mortar\,\qty\:0},{\tip\:\ship_submarine\,\qty\:0}]}
FF - user.js: greasemonkey.scriptvals.hxxp://www.home.org/ikariam/military/Ikariam Military.Cache.s5.cz.ikariam.com.up - {\trp\:{\phalanx\:{\att\:3,\def\:3},\steamgiant\:{\att\:3,\def\:3},\spearman\:{\att\:3,\def\:3},\swordsman\:{\att\:3,\def\:3},\slinger\:{\att\:3,\def\:3},\archer\:{\att\:3,\def\:3},\marksman\:{\att\:3,\def\:3},\ram\:{\att\:3,\def\:3},\catapult\:{\att\:3,\def\:3},\mortar\:{\att\:3,\def\:3},\gyrocopter\:{\att\:3,\def\:3},\bombardier\:{\att\:3,\def\:3},\cook\:{\att\:0,\def\:0},\medic\:{\att\:0,\def\:0}},\shp\:{\ship_ram\:{\att\:3,\def\:3},\ship_flamethrower\:{\att\:3,\def\:3},\ship_steamboat\:{\att\:3,\def\:3},\ship_ballista\:{\att\:3,\def\:3},\ship_catapult\:{\att\:3,\def\:3},\ship_mortar\:{\att\:3,\def\:3},\ship_submarine\:{\att\:3,\def\:3}}}
FF - user.js: greasemonkey.scriptvals.hxxp://www.home.org/ikariam/military/Ikariam Military.Cache.s9.cz.ikariam.com. - {\trp\:[{\tip\:\phalanx\,\qty\:0},{\tip\:\steamgiant\,\qty\:70},{\tip\:\spearman\,\qty\:0},{\tip\:\swordsman\,\qty\:19},{\tip\:\slinger\,\qty\:0},{\tip\:\archer\,\qty\:0},{\tip\:\marksman\,\qty\:47},{\tip\:\ram\,\qty\:0},{\tip\:\catapult\,\qty\:0},{\tip\:\mortar\,\qty\:18},{\tip\:\gyrocopter\,\qty\:30},{\tip\:\bombardier\,\qty\:0},{\tip\:\cook\,\qty\:0},{\tip\:\medic\,\qty\:0}]}
FF - user.js: greasemonkey.scriptvals.icariam/Ikariam Sexy Theme.ScriptUpdater_versionAvailable - 0.27
FF - user.js: greasemonkey.scriptvals.icariam/Ikariam Sexy Theme.ScriptUpdator.lastCheck_56757 - 1291673975987
FF - user.js: greasemonkey.scriptvals.icariam/Ikariam Sexy Theme.ScriptUpdator.versionsOfferedFor_56757 - [\0.27\]
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.townWallLevel - 15
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit0defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit0offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit10defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit10offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit11defense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit11offense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit12defense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit12offense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit1defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit1offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit2defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit2offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit3defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit3offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit4defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit4offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit5defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit5offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit6defense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit6offense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit7defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit7offense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit8defense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit8offense - 0
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit9defense - 3
FF - user.js: greasemonkey.scriptvals.ikariamScript/Ikariam Inline Military Strength v1.0.unit9offense - 3
FF - user.js: greasemonkey.scriptvals.userscripts.org/Ikariam: End Time.ScriptUpdater_versionAvailable - 0.97
FF - user.js: greasemonkey.scriptvals.userscripts.org/Ikariam: End Time.ScriptUpdator.lastCheck_52268 - 1294916627020
FF - user.js: greasemonkey.scriptvals.userscripts.org/Ikariam: End Time.ScriptUpdator.versionsOfferedFor_52268 - [\0.96\, \0.97\]
FF - user.js: greasemonkey.version - 0.9.6
FF - user.js: icqtoolbar.allowSendURL - false
FF - user.js: icqtoolbar.engineVerified - false
FF - user.js: icqtoolbar.hiddenElements - itb_options
FF - user.js: icqtoolbar.installTime - 1284917587
FF - user.js: icqtoolbar.installsource - 1
FF - user.js: icqtoolbar.newtab_state - 1
FF - user.js: icqtoolbar.numberOfSearches - 0
FF - user.js: icqtoolbar.skip_default_search - yes
FF - user.js: icqtoolbar.suggestions - false
FF - user.js: icqtoolbar.uniqueID - 128483970812848391971284917587076
FF - user.js: icqtoolbar.usageStatstTimestamp - 1284917603
FF - user.js: icqtoolbar.xmlEnableSuggestions - false
FF - user.js: icqtoolbar.xmlLanguage - cs
FF - user.js: idle.lastDailyNotification - 1309685364
FF - user.js: intl.charsetmenu.browser.cache - ISO-8859-1, windows-1250, us-ascii, ISO-8859-2, UTF-8
FF - user.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=685749&p=
FF - user.js: microsoft.CLR.auto_install - false
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.proxy.type - 0
FF - user.js: places.database.lastMaintenance - 1309685370
FF - user.js: places.history.expiration.transient_current_max_pages - 31900
FF - user.js: places.last_vacuum - 1299373480
FF - user.js: plugin.disable_full_page_plugin_for_types - video/x-ms-wm
FF - user.js: pref.browser.homepage.disable_button.current_page - false
FF - user.js: pref.downloads.disable_button.edit_actions - false
FF - user.js: pref.privacy.disable_button.view_passwords - false
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.clients.lastSyncLocal - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: services.sync.tabs.lastSyncLocal - 0
FF - user.js: storage.vacuum.last.index - 1
FF - user.js: storage.vacuum.last.places.sqlite - 1307298094
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1309888034
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-ICQToolbar - C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-Smart Defrag 2_is1 - C:\Program Files\IObit\Smart Defrag 2\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-23 01:20:46
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

[Morfusof]

Ještě mám takový maly dotaz?!kamarád co mi to jakoby poslal na fb použil cituji:: SuperAntispyvare plus avast a kompled vyčisteni a myslí si že je to už dobré,ale podle mě neni. Co vy nato?
díky za odpověd.

[vyosek]

Urcite bych doporucil kamaradovi kontrolu u nas na foru

Jak se chova PC

[Morfusof]

Už jsem kamašovi posílal odkaz tak doufám že se tu ukáže.
Zatím jede suprově i se zrychlil.Díky moc za pomoc.

[vyosek]

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Projedte PC timto http://go.microsoft.com/?linkid=9748340 a jeste timto http://download.microsoft.com/download/ ... leanUp.exe

Nainstalujte Avast Free nebo MSE

Dejte novy log z RSIT a napiste jak se chova PC

[Morfusof]

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahl jsem spustil a ono se to nerestartlo samo ?

[vyosek]

Nevadi, pokracujte dale...

[Morfusof]

PC se chová normálně

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2011-08-23 22:34:10
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 52 GB (63%) free of 82 GB
Total RAM: 1014 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:34:21, on 23.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ7.5\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ScreenShots\ScreenShots.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Martin\Dokumenty\Programy z netu\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cz.ikariam.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Lišta Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [EasyBits GO] "C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe" /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe (User 'Default user')
O4 - Startup: ScreenShots.lnk = C:\Program Files\ScreenShots\ScreenShots.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files\CentrumczToolbar\IEToolbar.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - About:Home

--
End of file - 8733 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Martin.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-18.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-18.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1498952867-1371975161-1665362881-1006.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =685749&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"Cetrumcz@igeared"=C:\Program Files\CentrumczToolbar\Firefox\Cetrumcz@igeared
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609]
"Description"=12.0.1.609
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\extensions\
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\hky34qda.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-16 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-15 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]
{D5D47440-0750-463D-BAEF-A47D02414806} - Lišta Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2010-03-26 1286448]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EasyBits GO"=C:\Documents and Settings\All Users\Data aplikací\Easybits GO\EasyBitsGO.exe [2011-05-28 423296]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-08-01 124480]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-27 3883840]

C:\Documents and Settings\Martin\Nabídka Start\Programy\Po spuštění
ScreenShots.lnk - C:\Program Files\ScreenShots\ScreenShots.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-09-24 205312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Disabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Disabled:KTF MUSIC VoD Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Disabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Disabled:Windows Live Sync"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-08-23 22:34:10 ----DC---- C:\rsit
2011-08-23 22:22:42 ----DC---- C:\WINSSLog
2011-08-23 21:57:44 ----D---- C:\Program Files\CCleaner
2011-08-23 21:26:27 ----SDC---- C:\Uninstall
2011-08-23 01:49:00 ----SHDC---- C:\RECYCLER
2011-08-23 01:18:20 ----D---- C:\WINDOWS\temp
2011-08-22 22:21:01 ----D---- C:\Program Files\trend micro
2011-08-22 17:43:15 ----A---- C:\WINDOWS\system32\Thawbrkr.dll
2011-08-22 17:43:12 ----A---- C:\WINDOWS\system32\c_iscii.dll
2011-08-22 17:43:08 ----A---- C:\WINDOWS\system32\kbdusa.dll
2011-08-22 17:42:54 ----A---- C:\WINDOWS\system32\ftlx041e.dll
2011-08-22 14:13:48 ----D---- C:\WINDOWS\Minidump
2011-08-22 00:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-08-22 00:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-08-21 23:57:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-08-21 19:51:22 ----AC---- C:\Boot.bak
2011-08-21 19:51:13 ----RASHDC---- C:\cmdcons
2011-08-21 18:55:27 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-21 18:55:10 ----D---- C:\WINDOWS\system32\drivers\NSS
2011-08-21 18:55:09 ----D---- C:\Program Files\Norton Security Scan
2011-08-21 18:55:08 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-21 18:55:04 ----DC---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2011-08-21 18:55:04 ----D---- C:\Program Files\NortonInstaller
2011-08-21 18:50:38 ----D---- C:\WINDOWS\system32\Adobe
2011-08-21 18:47:34 ----D---- C:\Program Files\Common Files\Java
2011-08-21 18:47:17 ----A---- C:\WINDOWS\system32\javaws.exe
2011-08-21 18:47:17 ----A---- C:\WINDOWS\system32\javaw.exe
2011-08-21 18:47:17 ----A---- C:\WINDOWS\system32\java.exe
2011-08-21 15:32:26 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-08-21 15:32:26 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-08-21 15:32:25 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-08-21 15:32:25 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-08-21 15:32:24 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-08-21 15:32:09 ----A---- C:\WINDOWS\avastSS.scr
2011-08-21 15:32:07 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-08-21 14:23:26 ----DC---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-08-21 14:23:26 ----D---- C:\Program Files\AVAST Software
2011-08-21 13:15:44 ----D---- C:\Documents and Settings\Martin\Data aplikací\SUPERAntiSpyware.com
2011-08-21 13:15:31 ----DC---- C:\Documents and Settings\All Users\Data aplikací\!SASCORE
2011-08-21 13:15:25 ----DC---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-08-21 13:15:25 ----D---- C:\Program Files\SUPERAntiSpyware
2011-08-21 12:33:10 ----DC---- C:\3d17dadf973743a5c3baa68a8bd9
2011-08-21 12:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-08-21 12:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-08-21 12:26:07 ----D---- C:\Documents and Settings\Martin\Data aplikací\Search Settings
2011-08-21 12:26:00 ----D---- C:\Program Files\Microsoft Security Client
2011-08-21 10:43:34 ----D---- C:\Program Files\IObit Toolbar(2)
2011-08-20 12:38:37 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-08-20 12:37:25 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-08-20 12:33:33 ----A---- C:\WINDOWS\unrar.exe
2011-08-20 12:30:38 ----A---- C:\WINDOWS\iplist.txt
2011-08-20 12:29:55 ----A---- C:\WINDOWS\front_ip_list.txt
2011-08-20 12:04:49 ----A---- C:\WINDOWS\winlog-ids.txt
2011-08-20 12:04:49 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-25 18:15:52 ----A---- C:\WINDOWS\system32\ezGOSvcApp.exe
2011-07-25 18:15:51 ----A---- C:\WINDOWS\system32\ezGOSvc.dll

======List of files/folders modified in the last 1 month======

2011-08-23 22:34:16 ----D---- C:\WINDOWS\Prefetch
2011-08-23 22:26:50 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2011-08-23 22:26:32 ----SD---- C:\WINDOWS\Tasks
2011-08-23 22:26:15 ----D---- C:\WINDOWS
2011-08-23 22:24:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-23 22:23:36 ----RD---- C:\Program Files
2011-08-23 22:23:35 ----D---- C:\WINDOWS\system32\drivers
2011-08-23 22:19:54 ----SHD---- C:\WINDOWS\Installer
2011-08-23 22:19:35 ----DC---- C:\Config.Msi
2011-08-23 22:09:32 ----SHD---- C:\System Volume Information
2011-08-23 22:09:32 ----D---- C:\WINDOWS\system32\Restore
2011-08-23 22:00:46 ----D---- C:\WINDOWS\Logs
2011-08-23 21:42:51 ----D---- C:\WINDOWS\system32
2011-08-23 21:42:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-23 21:36:20 ----D---- C:\Documents and Settings\Martin\Data aplikací\go
2011-08-23 16:57:48 ----D---- C:\Documents and Settings\Martin\Data aplikací\ICQ
2011-08-23 01:21:52 ----AC---- C:\WINDOWS\system.ini
2011-08-23 01:20:29 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-23 01:18:52 ----D---- C:\WINDOWS\system32\config
2011-08-23 01:13:49 ----D---- C:\WINDOWS\AppPatch
2011-08-23 01:13:47 ----D---- C:\Program Files\Common Files
2011-08-23 01:07:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-23 00:26:48 ----D---- C:\WINDOWS\WinSxS
2011-08-22 17:43:22 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-22 17:43:15 ----RSD---- C:\WINDOWS\Fonts
2011-08-22 17:42:51 ----D---- C:\WINDOWS\Help
2011-08-22 16:02:21 ----D---- C:\WINDOWS\Debug
2011-08-22 14:15:10 ----DC---- C:\Documents and Settings
2011-08-22 00:26:47 ----RSD---- C:\WINDOWS\assembly
2011-08-22 00:14:59 ----D---- C:\WINDOWS\Microsoft.NET
2011-08-22 00:06:39 ----HD---- C:\WINDOWS\inf
2011-08-22 00:06:01 ----HD---- C:\WINDOWS\$hf_mig$
2011-08-21 21:59:24 ----D---- C:\WINDOWS\system32\Side 9 Screensaver dir
2011-08-21 21:52:20 ----DC---- C:\Documents and Settings\All Users\Data aplikací\IObit
2011-08-21 21:28:10 ----D---- C:\Documents and Settings\Martin\Data aplikací\IObit
2011-08-21 20:15:06 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2011-08-21 20:15:06 ----D---- C:\Documents and Settings\Martin\Data aplikací\Adobe
2011-08-21 19:51:22 ----RASHC---- C:\boot.ini
2011-08-21 18:54:06 ----D---- C:\Program Files\Common Files\Adobe
2011-08-21 18:53:51 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-08-21 18:53:47 ----D---- C:\Program Files\Adobe
2011-08-21 18:47:11 ----D---- C:\Program Files\Java
2011-08-21 17:31:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-08-21 12:33:16 ----A---- C:\WINDOWS\system32\MRT.exe
2011-08-21 12:33:01 ----D---- C:\Program Files\Internet Explorer
2011-08-21 12:26:27 ----D---- C:\WINDOWS\system32\wbem
2011-08-21 12:26:27 ----D---- C:\WINDOWS\Registration
2011-08-17 18:30:46 ----D---- C:\Program Files\Mozilla Firefox
2011-08-06 02:16:49 ----DC---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2011-08-04 18:41:47 ----D---- C:\Program Files\ICQ7.5
2011-08-01 23:10:23 ----DC---- C:\Filmy
2011-07-30 20:22:35 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
2011-07-26 16:32:10 ----RD---- C:\Program Files\Skype
2011-07-26 16:32:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-07-25 18:25:22 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Skype Extras
2011-07-25 17:08:54 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2009-06-04 330264]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-29 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-06 54752]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-08-12 1582624]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-09-24 6301696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-09 5913632]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2011-06-29 47360]
R3 rtsuvc;Realtek USB2.0 PC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2010-02-04 73088]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-15 226656]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-06 704864]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-06 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------