nemohu nainstalovat Office

Zpráva

kachna20 · #1 Příspěvek od **kachna20** » 18 zář 2011 13:13

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kachna at 2011-09-18 13:39:57
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 48 GB (20%) free of 234 GB
Total RAM: 2039 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:40:18, on 18.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\WINDOWS\system32\igfxsrvc.exe
c:\WINDOWS\system32\ifxspmgt.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
c:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
c:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CfgWiz.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\acovcnt.exe
C:\Program Files\Winamp\winampa.exe
c:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\msiexec.exe
c:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Kachna\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Kachna.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IS CfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" /MODULE CfgWiz /GUID {BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [MultiFrame] C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\APSHook.dll
O20 - Winlogon Notify: OneCard - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\ifxtcs.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - c:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 19271 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\WGASetup.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Kachna\Data aplikací\Mozilla\Firefox\Profiles\n9lmbglm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.14, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, foxdie_ext_ocelot@foxdie.us:3.6.4, plugin2@gameplaylabs.com:2.0, engine@conduit.com:3.3.3.2, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, FoxdieGraphite@tanjihay.com:3.6.4"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}"=C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\Plugin_FireFox
"m3ffxtbr@mywebsearch.com"=C:\Program Files\MyWebSearch\bar\2.bin
"ShopperReports@ShopperReports.com"=C:\Program Files\ShopperReports3\bin\3.1.71.0\firefox\firefoxtoolbar\extensions
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browsercomps.dll
binary.manifest
nsIBitCometAgent.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
npBitCometAgent.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Kachna\Data aplikací\Mozilla\Firefox\Profiles\n9lmbglm.default\extensions\
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
{ea614400-e918-4741-9a97-7a972ff7c30b}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}

C:\Documents and Settings\Kachna\Data aplikací\Mozilla\Firefox\Profiles\n9lmbglm.default\searchplugins\
conduit.xml
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-01-11 96936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11 767280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45AD732C-2CE2-4666-B366-B2214AD57A49}]
Idea2 SidebarBrowserMonitor Class - C:\Program Files\Desktop Sidebar\sbhelp.dll [2006-07-09 278528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-02 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-07-10 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-23 70928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-01-11 607888]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-09-02 305328]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-08-11 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-08-11 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-08-11 137752]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-06-29 225280]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-07-03 7708672]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-19 2879488]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-17 16270848]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-08-10 573440]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-07-19 49520]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-15 815104]
"ASUS Camera ScreenSaver"=C:\WINDOWS\ASScrProlog.exe [2008-06-02 37232]
"ASUS Screen Saver Protector"=C:\WINDOWS\ASScrPro.exe [2008-06-02 33136]
"ABLKSR"=C:\WINDOWS\ABLKSR\ABLKSR.exe [2006-01-06 61440]
"RemoteControl"=C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2007-01-08 68640]
"LanguageShortcut"=C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe [2007-01-08 52256]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-06-01 1629744]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-06-01 1057328]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-09 115816]
"IS CfgWiz"=c:\Program Files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe [2007-01-12 431752]
"osCheck"=c:\Program Files\Norton Internet Security\osCheck.exe [2007-01-13 771704]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"PowerForPhone"=C:\Program Files\P4P\P4P.exe [2007-07-19 778240]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-06-26 851968]
"IFXSPMGT"=c:\WINDOWS\system32\ifxspmgt.exe [2007-03-03 677408]
"CognizanceTS"=c:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-24 17920]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-06-01 823296]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-06-01 974848]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe [2002-07-11 188416]
"SsAAD.exe"=C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe [2006-01-07 81920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MultiFrame"=C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe [2007-06-21 999792]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-06-20 451872]
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-08-08 39408]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"PCSpeedUp"=C:\Program Files\Zrychleni Pocitace\PCSpeedUp.lnk [2011-08-12 1913]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

C:\Documents and Settings\Kachna\Nabídka Start\Programy\Po spuštění
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-08 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\OneCard]
c:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll [2007-02-09 74240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=serwvdrv.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2011-09-18 13:39:58 ----D---- C:\Program Files\trend micro
2011-09-18 13:39:57 ----D---- C:\rsit
2011-09-18 10:30:35 ----A---- C:\WINDOWS\system32\acovcnt.exe
2011-09-18 10:26:12 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-09-18 10:26:12 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-09-18 10:26:09 ----A---- C:\WINDOWS\system32\drivers\aswFW.sys
2011-09-18 10:25:47 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2011-09-18 10:25:46 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-09-18 10:25:46 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-09-18 10:25:46 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-09-18 10:25:45 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-09-18 10:25:45 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-09-18 10:25:45 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-09-18 10:25:27 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2011-09-18 10:25:27 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-09-18 10:25:27 ----A---- C:\WINDOWS\avastSS.scr
2011-09-18 10:25:07 ----D---- C:\Program Files\AVAST Software
2011-09-18 10:25:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-09-18 10:06:18 ----SHD---- C:\FOUND.358
2011-09-18 00:38:01 ----A---- C:\ComboFix.txt
2011-09-18 00:34:46 ----SHD---- C:\Recycled
2011-09-18 00:24:00 ----D---- C:\ComboFix
2011-09-17 23:47:41 ----A---- C:\Boot.bak
2011-09-17 23:47:36 ----RASHD---- C:\cmdcons
2011-09-17 23:43:53 ----A---- C:\WINDOWS\NIRCMD.exe
2011-09-17 23:43:53 ----A---- C:\WINDOWS\MBR.exe
2011-09-17 23:43:52 ----A---- C:\WINDOWS\PEV.exe
2011-09-17 23:43:51 ----A---- C:\WINDOWS\zip.exe
2011-09-17 23:43:51 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-09-17 23:43:51 ----A---- C:\WINDOWS\SWSC.exe
2011-09-17 23:43:51 ----A---- C:\WINDOWS\SWREG.exe
2011-09-17 23:43:51 ----A---- C:\WINDOWS\sed.exe
2011-09-17 23:43:51 ----A---- C:\WINDOWS\grep.exe
2011-09-17 23:43:25 ----D---- C:\WINDOWS\ERDNT
2011-09-17 23:39:14 ----D---- C:\Qoobox
2011-09-17 16:50:58 ----D---- C:\FOUND.357
2011-09-16 09:40:09 ----HD---- C:\WINDOWS\$NtUninstallKB2616676$
2011-09-16 09:38:10 ----HD---- C:\WINDOWS\$NtUninstallKB2570947$
2011-09-14 12:34:48 ----D---- C:\FOUND.356
2011-09-13 13:43:28 ----D---- C:\FOUND.355
2011-09-12 13:27:12 ----D---- C:\FOUND.354
2011-09-11 13:41:14 ----RD---- C:\MSOCache
2011-09-11 10:45:08 ----D---- C:\FOUND.353
2011-09-10 16:46:15 ----D---- C:\sql2ksp3
2011-09-10 16:11:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\LightScribe
2011-09-10 16:09:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-09-10 16:06:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Intel
2011-09-10 16:06:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Infineon
2011-09-10 16:05:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
2011-09-10 16:04:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2011-09-10 16:04:01 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-10 15:46:16 ----D---- C:\Config.Msi
2011-09-10 14:56:33 ----A---- C:\WINDOWS\system32\msonpmon.dll
2011-09-10 14:09:12 ----D---- C:\Documents and Settings\Kachna\Data aplikací\Ipswitch
2011-09-10 14:08:25 ----D---- C:\Program Files\Ipswitch
2011-09-08 23:15:48 ----D---- C:\WINDOWS\Prefetch
2011-09-08 23:00:24 ----HD---- C:\WINDOWS\$NtUninstallKB971486$
2011-09-08 23:00:07 ----HD---- C:\WINDOWS\$NtUninstallKB969059$
2011-09-08 22:59:56 ----HD---- C:\WINDOWS\$NtUninstallKB974112$
2011-09-08 22:59:45 ----HD---- C:\WINDOWS\$NtUninstallKB975025$
2011-09-08 22:59:35 ----HD---- C:\WINDOWS\$NtUninstallKB974571$
2011-09-08 22:59:25 ----HD---- C:\WINDOWS\$NtUninstallKB975467$
2011-09-08 22:59:08 ----HD---- C:\WINDOWS\$NtUninstallKB968389$
2011-09-08 22:58:49 ----HD---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-09-08 22:58:35 ----HD---- C:\WINDOWS\$NtUninstallKB946648$
2011-09-08 22:58:13 ----HD---- C:\WINDOWS\$NtUninstallKB956803$
2011-09-08 22:57:56 ----HD---- C:\WINDOWS\$NtUninstallKB956572$
2011-09-08 22:57:43 ----HD---- C:\WINDOWS\$NtUninstallKB956844$
2011-09-08 22:57:32 ----HD---- C:\WINDOWS\$NtUninstallKB938464-v2$
2011-09-08 22:57:20 ----HD---- C:\WINDOWS\$NtUninstallKB973869$
2011-09-08 22:57:08 ----HD---- C:\WINDOWS\$NtUninstallKB950762$
2011-09-08 22:56:55 ----HD---- C:\WINDOWS\$NtUninstallKB957097$
2011-09-08 22:56:42 ----HD---- C:\WINDOWS\$NtUninstallKB958687$
2011-09-08 22:56:30 ----HD---- C:\WINDOWS\$NtUninstallKB952287$
2011-09-08 22:56:16 ----HD---- C:\WINDOWS\$NtUninstallKB973354$
2011-09-08 22:56:03 ----HD---- C:\WINDOWS\$NtUninstallKB951066$
2011-09-08 22:55:37 ----HD---- C:\WINDOWS\$NtUninstallKB973815$
2011-09-08 22:55:16 ----HD---- C:\WINDOWS\$NtUninstallKB954600$
2011-09-08 22:55:03 ----HD---- C:\WINDOWS\$NtUninstallKB955069$
2011-09-08 22:54:51 ----HD---- C:\WINDOWS\$NtUninstallKB956802$
2011-09-08 22:54:38 ----HD---- C:\WINDOWS\$NtUninstallKB923561$
2011-09-08 22:54:27 ----HD---- C:\WINDOWS\$NtUninstallKB952954$
2011-09-08 22:54:01 ----HD---- C:\WINDOWS\$NtUninstallKB959426$
2011-09-08 22:53:43 ----HD---- C:\WINDOWS\$NtUninstallKB960859$
2011-09-08 22:53:20 ----HD---- C:\WINDOWS\$NtUninstallKB950974$
2011-09-08 22:53:05 ----HD---- C:\WINDOWS\$NtUninstallKB971557$
2011-09-08 22:52:51 ----HD---- C:\WINDOWS\$NtUninstallKB960225$
2011-09-08 22:52:39 ----HD---- C:\WINDOWS\$NtUninstallKB961501$
2011-09-08 22:52:28 ----HD---- C:\WINDOWS\$NtUninstallKB971633$
2011-09-08 22:52:15 ----HD---- C:\WINDOWS\$NtUninstallKB952004$
2011-09-08 22:52:03 ----HD---- C:\WINDOWS\$NtUninstallKB973507$
2011-09-08 22:51:53 ----HD---- C:\WINDOWS\$NtUninstallKB967715$
2011-09-08 22:51:40 ----HD---- C:\WINDOWS\$NtUninstallKB951748$
2011-09-08 22:51:29 ----HD---- C:\WINDOWS\$NtUninstallKB970238$
2011-09-08 22:51:16 ----HD---- C:\WINDOWS\$NtUninstallKB960803$
2011-09-08 22:50:54 ----HD---- C:\WINDOWS\$NtUninstallKB968537$
2011-09-08 22:50:41 ----HD---- C:\WINDOWS\$NtUninstallKB961371-v2$
2011-09-08 22:50:30 ----HD---- C:\WINDOWS\$NtUninstallKB971657$
2011-09-08 22:50:14 ----HD---- C:\WINDOWS\$NtUninstallKB958644$
2011-09-08 22:49:01 ----N---- C:\WINDOWS\system32\ieencode.dll
2011-09-08 22:47:54 ----A---- C:\WINDOWS\000001_.tmp
2011-09-08 20:00:34 ----N---- C:\WINDOWS\system32\spmsg2.dll
2011-09-08 20:00:28 ----HD---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-09-08 19:56:16 ----D---- C:\WINDOWS\system32\XPSViewer
2011-09-08 19:56:10 ----D---- C:\Program Files\MSBuild
2011-09-08 19:56:05 ----D---- C:\WINDOWS\system32\en-US
2011-09-08 19:55:54 ----D---- C:\Program Files\Reference Assemblies
2011-09-08 10:18:31 ----HD---- C:\WINDOWS\$NtUninstallKB2607712$
2011-09-07 13:26:18 ----D---- C:\FOUND.352
2011-09-06 13:01:04 ----D---- C:\FOUND.351
2011-09-04 18:54:57 ----D---- C:\Program Files\Microsoft Office
2011-09-02 13:05:44 ----D---- C:\FOUND.350
2011-09-01 09:31:40 ----D---- C:\FOUND.349
2011-08-25 18:01:39 ----HD---- C:\WINDOWS\$NtUninstallKB2570791$

======List of files/folders modified in the last 1 month======

2011-09-18 13:34:36 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt
2011-09-18 11:49:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-18 00:34:42 ----A---- C:\WINDOWS\system.ini
2011-09-17 23:47:42 ----RASH---- C:\boot.ini
2011-09-16 09:38:24 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-16 09:38:18 ----A---- C:\WINDOWS\imsins.BAK
2011-09-13 00:22:20 ----A---- C:\WINDOWS\NeroDigital.ini
2011-09-10 15:49:44 ----A---- C:\WINDOWS\win.ini
2011-09-10 10:24:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-09-09 11:12:04 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-09-08 23:14:48 ----A---- C:\WINDOWS\setuplog.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2011-09-06 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2011-09-06 195416]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2011-09-06 111320]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-06-01 37040]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-06-01 38576]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ItSDisk;ItSDisk; C:\WINDOWS\System32\Drivers\ItSDisk.sys [2006-05-19 23232]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-01-29 39080]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2007-01-11 25400]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-01-09 191544]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-06-03 21393]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l151x86.sys [2007-08-31 36864]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-06-16 146824]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-08 5776864]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-01-29 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-18 4225920]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-27 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-21 2208512]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-08-10 980608]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-09-30 1769984]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-10-15 198976]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-06-01 118704]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Kachna\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070110.052\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070110.052\NAVEX15.SYS []
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2007-01-11 247608]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2007-01-11 276792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20070108.003\SymIDSCo.sys []
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-01-09 27576]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ASBroker;Logon Session Broker; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ASChannel;Local Communication Channel; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-01-05 554616]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-09-06 127192]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-06-01 647168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\WINDOWS\system32\ifxspmgt.exe [2007-03-03 677408]
R2 IFXTCS;Trusted Platform Core Service; c:\WINDOWS\system32\ifxtcs.exe [2007-02-28 849440]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-06-01 1551408]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PersonalSecureDriveService;Personal Secure Drive Service; c:\WINDOWS\system32\IfxPsdSv.exe [2007-02-28 140832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-06-01 327680]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-08 171040]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-06-01 987136]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-28 123248]
R2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-04 47712]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-08 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-12 49248]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-08 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-08 182768]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ISPwdSvc;Symantec IS Password Validation; c:\Program Files\Norton Internet Security\isPwdSvc.exe [2007-01-13 80504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-01-05 2918008]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2005-11-24 53337]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2005-11-24 53337]
S3 SerialKeys;SerialKeys; C:\WINDOWS\system32\skeys.exe [2008-04-14 26112]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2005-11-24 69718]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2006-01-06 69632]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-06-03 1174664]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Roli** » 18 zář 2011 13:56

Zdravím, proč tam máš dvoje zabezpečení ?

Plnou verzi Avastu a Norton Internet Security, to na jednom systému není dobré.

Tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=15383
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\ASUSTek\ASUSDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing)

HJT najdeš zde :

C:\Program Files\trend micro\Kachna.exe

Fix znamená že spustíš HJT Obrázek

jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Služba Google Update (gupdate)

Služba Google Update (gupdatem)

Google Software Updater (gusvc)

ICQ Service

InCD Helper (InCDsrv)

NBService - Nero AG

NMIndexingService - Nero AG

Cyberlink RichVideo Service

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.

Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj ICQ6Toolbar

Koukám že tam máš ComboFix, to znamená že s ním asi umíš tak že ho použij dej mi sem z něj log.

kachna20 · #3 Příspěvek od **kachna20** » 18 zář 2011 17:18

Děkuju mockrát za rady

) a tady je lob z ComboFix...

ComboFix 11-09-17.03 - Kachna 18.09.2011 18:06:53.4.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1452 [GMT 2:00]
Spuštěný z: c:\documents and settings\Kachna\Dokumenty\Stažené soubory\ComboFix.exe
AV: Norton Internet Security *Disabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\WindowsUpdate.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-18 do 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 16:03 . 2011-09-18 16:13 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-09-18 15:26 . 2011-09-18 15:26 -------- d-----w- C:\FOUND.359
2011-09-18 11:39 . 2011-09-18 11:40 -------- d-----w- c:\program files\trend micro
2011-09-18 11:39 . 2011-09-18 11:39 -------- d-----w- C:\rsit
2011-09-18 08:25 . 2011-09-18 08:25 -------- d-----w- c:\program files\AVAST Software
2011-09-18 08:06 . 2011-09-18 08:06 -------- d-----w- C:\FOUND.358
2011-09-17 14:50 . 2011-09-17 14:50 -------- d-----w- C:\FOUND.357
2011-09-14 10:34 . 2011-09-14 10:34 -------- d-----w- C:\FOUND.356
2011-09-13 11:43 . 2011-09-13 11:43 -------- d-----w- C:\FOUND.355
2011-09-12 11:27 . 2011-09-12 11:27 -------- d-----w- C:\FOUND.354
2011-09-11 11:41 . 2011-09-11 11:41 -------- d-----r- C:\MSOCache
2011-09-11 08:45 . 2011-09-11 08:45 -------- d-----w- C:\FOUND.353
2011-09-10 14:46 . 2011-09-10 14:46 -------- d-----w- C:\sql2ksp3
2011-09-10 14:04 . 2011-09-10 14:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací
2011-09-10 12:56 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-09-10 12:56 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-09-10 12:09 . 2011-09-10 12:09 -------- d-----w- c:\documents and settings\Kachna\Data aplikací\Ipswitch
2011-09-10 12:08 . 2011-09-10 12:08 -------- d-----w- c:\program files\Ipswitch
2011-09-08 20:49 . 2008-04-14 06:51 81920 ------w- c:\windows\system32\ieencode.dll
2011-09-08 20:47 . 2006-12-28 22:31 19569 ----a-w- c:\windows\000001_.tmp
2011-09-08 19:24 . 2011-09-08 19:24 -------- d-----w- c:\documents and settings\All Users\Microsoft
2011-09-08 18:00 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2011-09-08 17:56 . 2011-09-08 17:56 -------- d-----w- c:\windows\system32\XPSViewer
2011-09-08 17:56 . 2011-09-08 17:56 -------- d-----w- c:\program files\MSBuild
2011-09-08 17:55 . 2011-09-08 17:55 -------- d-----w- c:\program files\Reference Assemblies
2011-09-07 11:26 . 2011-09-07 11:26 -------- d-----w- C:\FOUND.352
2011-09-06 11:01 . 2011-09-06 11:01 -------- d-----w- C:\FOUND.351
2011-09-03 10:17 . 2011-09-09 09:12 602112 ------w- c:\windows\system32\dllcache\crypt32.dll
2011-09-02 11:05 . 2011-09-02 11:05 -------- d-----w- C:\FOUND.350
2011-09-01 07:31 . 2011-09-01 07:31 -------- d-----w- C:\FOUND.349
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2004-06-29 15:09 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2004-06-29 15:09 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-06-29 15:09 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-06-02 20:57 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-06-29 15:10 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-06-29 15:09 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-06-29 15:09 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-06-29 15:09 385024 ----a-w- c:\windows\system32\html.iec
2011-06-20 17:44 . 2004-06-29 15:10 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-09-11 14:00 . 2011-05-07 11:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-09-17_22.34.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-18 16:04 . 2011-09-18 16:04 16384 c:\windows\Temp\Perflib_Perfdata_9b0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Secure Disks]
@="{666C7836-A9B6-4AB4-94ED-DC238C81E925}"
[HKEY_CLASSES_ROOT\CLSID\{666C7836-A9B6-4AB4-94ED-DC238C81E925}]
2006-10-29 07:35 391168 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 451872]
"RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"PCSpeedUp"="c:\program files\Zrychleni Pocitace\PCSpeedUp.lnk" [2011-08-12 1913]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-08 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-11 137752]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"SkyTel"="SkyTel.EXE" [2006-05-19 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-17 16270848]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-08-10 573440]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-15 815104]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-06-02 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-06-02 33136]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-06 61440]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2007-01-12 431752]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-01-13 771704]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"PowerForPhone"="c:\program files\P4P\P4P.exe" [2007-07-19 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-06-26 851968]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-03-03 677408]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-24 17920]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-06-01 974848]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 188416]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
.
c:\documents and settings\Kachna\Nabˇdka Start\Programy\Po spuçtŘnˇ\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-09 08:30 74240 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17191:TCP"= 17191:TCP:BitComet 17191 TCP
"17191:UDP"= 17191:UDP:BitComet 17191 UDP
"26939:TCP"= 26939:TCP:BitComet 26939 TCP
"26939:UDP"= 26939:UDP:BitComet 26939 UDP
"8015:TCP"= 8015:TCP:BitComet 8015 TCP
"8015:UDP"= 8015:UDP:BitComet 8015 UDP
"7716:TCP"= 7716:TCP:BitComet 7716 TCP
"7716:UDP"= 7716:UDP:BitComet 7716 UDP
.
R1 ItSDisk;ItSDisk;c:\windows\system32\drivers\itsdisk.sys [19.5.2006 10:14 23232]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [29.1.2007 5:07 39080]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [29.6.2004 17:10 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [29.6.2004 17:10 14336]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [31.8.2007 4:40 36864]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [29.1.2007 4:13 36608]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2010 11:24 135664]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2010 11:24 135664]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 10:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-18 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-10-11 20:18]
.
2011-09-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-08 09:24]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-08 09:24]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Kachna\Data aplikací\Mozilla\Firefox\Profiles\n9lmbglm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=undefined&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-18 18:12
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1236)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\TrayIcon.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\brand.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItDAC.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItReports.DLL
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\BioAuth.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASBioAT.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCClient.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AuthWiz.dll
.
- - - - - - - > 'explorer.exe'(176)
c:\program files\ASUS\Asus MultiFrame\HookTitle.dll
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItMsg.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2011-09-18 18:14:37
ComboFix-quarantined-files.txt 2011-09-18 16:14
ComboFix2.txt 2011-09-17 22:38
.
Před spuštěním: Volných bajtů: 50 357 895 168
Po spuštění: Volných bajtů: 50 343 477 248
.
- - End Of File - - EDAD499D314ACCD1365636E14C179613

#4 Příspěvek od **Roli** » 18 zář 2011 18:32

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File:: 
c:\windows\000001_.tmp 

Folder::
c:\windows\000001_.tmp
c:\program files\AVAST Software
C:\FOUND.359
C:\FOUND.358
C:\FOUND.357
C:\FOUND.356
C:\FOUND.355
C:\FOUND.354
C:\FOUND.353
C:\FOUND.352
C:\FOUND.351
C:\FOUND.350
C:\FOUND.349

FireFox::
FF - ProfilePath - c:\documents and settings\Kachna\Data aplikací\Mozilla\Firefox\Profiles\n9lmbglm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

kachna20 · #5 Příspěvek od **kachna20** » 18 zář 2011 23:56

ComboFix 11-09-17.03 - Kachna 19.09.2011 0:46.5.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1382 [GMT 2:00]
Spuštěný z: c:\documents and settings\Kachna\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Kachna\Plocha\CFScript.txt
AV: Norton Internet Security *Disabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
FILE ::
"c:\windows\000001_.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\FOUND.349
c:\found.349\FILE0000.CHK
c:\found.349\FILE0001.CHK
C:\FOUND.350
c:\found.350\FILE0000.CHK
c:\found.350\FILE0001.CHK
C:\FOUND.351
c:\found.351\FILE0000.CHK
c:\found.351\FILE0001.CHK
c:\found.351\FILE0002.CHK
c:\found.351\FILE0003.CHK
C:\FOUND.352
c:\found.352\FILE0000.CHK
c:\found.352\FILE0001.CHK
c:\found.352\FILE0002.CHK
C:\FOUND.353
c:\found.353\FILE0000.CHK
c:\found.353\FILE0001.CHK
c:\found.353\FILE0002.CHK
c:\found.353\FILE0003.CHK
c:\found.353\FILE0004.CHK
c:\found.353\FILE0005.CHK
c:\found.353\FILE0006.CHK
C:\FOUND.354
c:\found.354\FILE0000.CHK
c:\found.354\FILE0001.CHK
c:\found.354\FILE0002.CHK
c:\found.354\FILE0003.CHK
c:\found.354\FILE0004.CHK
c:\found.354\FILE0005.CHK
c:\found.354\FILE0006.CHK
c:\found.354\FILE0007.CHK
c:\found.354\FILE0008.CHK
c:\found.354\FILE0009.CHK
C:\FOUND.355
c:\found.355\FILE0000.CHK
c:\found.355\FILE0001.CHK
c:\found.355\FILE0002.CHK
c:\found.355\FILE0003.CHK
C:\FOUND.356
c:\found.356\FILE0000.CHK
c:\found.356\FILE0001.CHK
c:\found.356\FILE0002.CHK
c:\found.356\FILE0003.CHK
c:\found.356\FILE0004.CHK
c:\found.356\FILE0005.CHK
c:\found.356\FILE0006.CHK
c:\found.356\FILE0007.CHK
c:\found.356\FILE0008.CHK
c:\found.356\FILE0009.CHK
c:\found.356\FILE0010.CHK
c:\found.356\FILE0011.CHK
c:\found.356\FILE0012.CHK
c:\found.356\FILE0013.CHK
c:\found.356\FILE0014.CHK
c:\found.356\FILE0015.CHK
c:\found.356\FILE0016.CHK
C:\FOUND.357
c:\found.357\FILE0000.CHK
C:\FOUND.358
c:\found.358\FILE0000.CHK
c:\found.358\FILE0001.CHK
c:\found.358\FILE0002.CHK
c:\found.358\FILE0003.CHK
c:\found.358\FILE0004.CHK
C:\FOUND.359
c:\found.359\FILE0000.CHK
c:\found.359\FILE0001.CHK
c:\found.359\FILE0002.CHK
c:\found.359\FILE0003.CHK
c:\found.359\FILE0004.CHK
c:\found.359\FILE0005.CHK
c:\found.359\FILE0006.CHK
c:\found.359\FILE0007.CHK
c:\found.359\FILE0008.CHK
c:\found.359\FILE0009.CHK
c:\found.359\FILE0010.CHK
c:\found.359\FILE0011.CHK
c:\found.359\FILE0012.CHK
c:\found.359\FILE0013.CHK
c:\found.359\FILE0014.CHK
c:\found.359\FILE0015.CHK
c:\found.359\FILE0016.CHK
c:\found.359\FILE0017.CHK
c:\found.359\FILE0018.CHK
c:\found.359\FILE0019.CHK
c:\found.359\FILE0020.CHK
c:\found.359\FILE0021.CHK
c:\found.359\FILE0022.CHK
c:\found.359\FILE0023.CHK
c:\found.359\FILE0024.CHK
c:\found.359\FILE0025.CHK
c:\found.359\FILE0026.CHK
c:\found.359\FILE0027.CHK
c:\found.359\FILE0028.CHK
c:\found.359\FILE0029.CHK
c:\found.359\FILE0030.CHK
c:\found.359\FILE0031.CHK
c:\found.359\FILE0032.CHK
c:\found.359\FILE0033.CHK
c:\found.359\FILE0034.CHK
c:\found.359\FILE0035.CHK
c:\found.359\FILE0036.CHK
c:\found.359\FILE0037.CHK
c:\found.359\FILE0038.CHK
c:\found.359\FILE0039.CHK
c:\found.359\FILE0040.CHK
c:\found.359\FILE0041.CHK
c:\found.359\FILE0042.CHK
c:\found.359\FILE0043.CHK
c:\found.359\FILE0044.CHK
c:\found.359\FILE0045.CHK
c:\found.359\FILE0046.CHK
c:\found.359\FILE0047.CHK
c:\found.359\FILE0048.CHK
c:\found.359\FILE0049.CHK
c:\found.359\FILE0050.CHK
c:\found.359\FILE0051.CHK
c:\found.359\FILE0052.CHK
c:\found.359\FILE0053.CHK
c:\found.359\FILE0054.CHK
c:\found.359\FILE0055.CHK
c:\found.359\FILE0056.CHK
c:\found.359\FILE0057.CHK
c:\found.359\FILE0058.CHK
c:\found.359\FILE0059.CHK
c:\found.359\FILE0060.CHK
c:\found.359\FILE0061.CHK
c:\found.359\FILE0062.CHK
c:\found.359\FILE0063.CHK
c:\found.359\FILE0064.CHK
c:\found.359\FILE0065.CHK
c:\found.359\FILE0066.CHK
c:\found.359\FILE0067.CHK
c:\found.359\FILE0068.CHK
c:\found.359\FILE0069.CHK
c:\found.359\FILE0070.CHK
c:\found.359\FILE0071.CHK
c:\found.359\FILE0072.CHK
c:\found.359\FILE0073.CHK
c:\found.359\FILE0074.CHK
c:\found.359\FILE0075.CHK
c:\found.359\FILE0076.CHK
c:\found.359\FILE0077.CHK
c:\found.359\FILE0078.CHK
c:\found.359\FILE0079.CHK
c:\found.359\FILE0080.CHK
c:\found.359\FILE0081.CHK
c:\found.359\FILE0082.CHK
c:\found.359\FILE0083.CHK
c:\found.359\FILE0084.CHK
c:\found.359\FILE0085.CHK
c:\found.359\FILE0086.CHK
c:\found.359\FILE0087.CHK
c:\found.359\FILE0088.CHK
c:\found.359\FILE0089.CHK
c:\found.359\FILE0090.CHK
c:\found.359\FILE0091.CHK
c:\found.359\FILE0092.CHK
c:\found.359\FILE0093.CHK
c:\found.359\FILE0094.CHK
c:\found.359\FILE0095.CHK
c:\found.359\FILE0096.CHK
c:\found.359\FILE0097.CHK
c:\found.359\FILE0098.CHK
c:\found.359\FILE0099.CHK
c:\found.359\FILE0100.CHK
c:\found.359\FILE0101.CHK
c:\found.359\FILE0102.CHK
c:\found.359\FILE0103.CHK
c:\found.359\FILE0104.CHK
c:\found.359\FILE0105.CHK
c:\found.359\FILE0106.CHK
c:\found.359\FILE0107.CHK
c:\found.359\FILE0108.CHK
c:\found.359\FILE0109.CHK
c:\found.359\FILE0110.CHK
c:\found.359\FILE0111.CHK
c:\found.359\FILE0112.CHK
c:\found.359\FILE0113.CHK
c:\found.359\FILE0114.CHK
c:\found.359\FILE0115.CHK
c:\found.359\FILE0116.CHK
c:\found.359\FILE0117.CHK
c:\found.359\FILE0118.CHK
c:\found.359\FILE0119.CHK
c:\found.359\FILE0120.CHK
c:\found.359\FILE0121.CHK
c:\found.359\FILE0122.CHK
c:\found.359\FILE0123.CHK
c:\found.359\FILE0124.CHK
c:\found.359\FILE0125.CHK
c:\found.359\FILE0126.CHK
c:\found.359\FILE0127.CHK
c:\found.359\FILE0128.CHK
c:\found.359\FILE0129.CHK
c:\found.359\FILE0130.CHK
c:\program files\AVAST Software
c:\program files\AVAST Software\Avast\Setup\setup.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-18 do 2011-09-18 )))))))))))))))))))))))))))))))
.
.
2011-09-18 16:03 . 2011-09-18 22:52 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-09-18 11:39 . 2011-09-18 11:40 -------- d-----w- c:\program files\trend micro
2011-09-18 11:39 . 2011-09-18 11:39 -------- d-----w- C:\rsit
2011-09-11 11:41 . 2011-09-11 11:41 -------- d-----r- C:\MSOCache
2011-09-10 14:46 . 2011-09-10 14:46 -------- d-----w- C:\sql2ksp3
2011-09-10 14:04 . 2011-09-10 14:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací
2011-09-10 12:56 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-09-10 12:56 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-09-10 12:09 . 2011-09-10 12:09 -------- d-----w- c:\documents and settings\Kachna\Data aplikací\Ipswitch
2011-09-10 12:08 . 2011-09-10 12:08 -------- d-----w- c:\program files\Ipswitch
2011-09-08 20:49 . 2008-04-14 06:51 81920 ------w- c:\windows\system32\ieencode.dll
2011-09-08 20:47 . 2006-12-28 22:31 19569 ----a-w- c:\windows\000001_.tmp
2011-09-08 19:24 . 2011-09-08 19:24 -------- d-----w- c:\documents and settings\All Users\Microsoft
2011-09-08 18:00 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2011-09-08 17:56 . 2011-09-08 17:56 -------- d-----w- c:\windows\system32\XPSViewer
2011-09-08 17:56 . 2011-09-08 17:56 -------- d-----w- c:\program files\MSBuild
2011-09-08 17:55 . 2011-09-08 17:55 -------- d-----w- c:\program files\Reference Assemblies
2011-09-03 10:17 . 2011-09-09 09:12 602112 ------w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2004-06-29 15:09 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-07-15 13:29 . 2004-06-29 15:09 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-06-29 15:09 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2008-06-02 20:57 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2004-06-29 15:10 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2004-06-29 15:09 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2004-06-29 15:09 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2004-06-29 15:09 385024 ----a-w- c:\windows\system32\html.iec
2011-09-11 14:00 . 2011-05-07 11:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[7] 2009-08-06 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
.
((((((((((((((((((((((((((((( SnapShot@2011-09-17_22.34.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-18 19:43 . 2011-09-18 19:43 16384 c:\windows\Temp\Perflib_Perfdata_d34.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Secure Disks]
@="{666C7836-A9B6-4AB4-94ED-DC238C81E925}"
[HKEY_CLASSES_ROOT\CLSID\{666C7836-A9B6-4AB4-94ED-DC238C81E925}]
2006-10-29 07:35 391168 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\SFSShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MultiFrame"="c:\program files\ASUS\Asus MultiFrame\MultiFrame.exe" [2007-06-21 999792]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 451872]
"RocketDock"="c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe" [2007-03-18 630784]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"PCSpeedUp"="c:\program files\Zrychleni Pocitace\PCSpeedUp.lnk" [2011-08-12 1913]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-08 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-08-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-08-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-08-11 137752]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"SkyTel"="SkyTel.EXE" [2006-05-19 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-17 16270848]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-08-10 573440]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-15 815104]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-06-02 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-06-02 33136]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-06 61440]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"IS CfgWiz"="c:\program files\Common Files\Symantec Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\cltUIStb.exe" [2007-01-12 431752]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-01-13 771704]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"PowerForPhone"="c:\program files\P4P\P4P.exe" [2007-07-19 778240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-06-26 851968]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-03-03 677408]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-24 17920]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 823296]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-06-01 974848]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb06.exe" [2002-07-11 188416]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
.
c:\documents and settings\Kachna\Nabˇdka Start\Programy\Po spuçtŘnˇ\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-09 08:30 74240 ----a-r- c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\APSHook.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17191:TCP"= 17191:TCP:BitComet 17191 TCP
"17191:UDP"= 17191:UDP:BitComet 17191 UDP
"26939:TCP"= 26939:TCP:BitComet 26939 TCP
"26939:UDP"= 26939:UDP:BitComet 26939 UDP
"8015:TCP"= 8015:TCP:BitComet 8015 TCP
"8015:UDP"= 8015:UDP:BitComet 8015 UDP
"7716:TCP"= 7716:TCP:BitComet 7716 TCP
"7716:UDP"= 7716:UDP:BitComet 7716 UDP
.
R1 ItSDisk;ItSDisk;c:\windows\system32\drivers\itsdisk.sys [19.5.2006 10:14 23232]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [29.1.2007 5:07 39080]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [29.6.2004 17:10 14336]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [29.6.2004 17:10 14336]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [31.8.2007 4:40 36864]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [29.1.2007 4:13 36608]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2010 11:24 135664]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [8.8.2010 11:24 135664]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - COMHOST
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 10:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-18 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-10-11 20:18]
.
2011-09-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-08 09:24]
.
2011-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-08 09:24]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Kachna\Data aplikací\Mozilla\Firefox\Profiles\n9lmbglm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-19 00:52
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1236)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\TrayIcon.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\brand.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsChnl.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItDAC.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItReports.DLL
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\BioAuth.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASBioAT.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItVCClient.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\AuthWiz.dll
.
- - - - - - - > 'lsass.exe'(1292)
c:\windows\system32\APSHook.dll
.
Celkový čas: 2011-09-19 00:54:03
ComboFix-quarantined-files.txt 2011-09-18 22:54
ComboFix2.txt 2011-09-18 16:14
ComboFix3.txt 2011-09-17 22:38
.
Před spuštěním: Volných bajtů: 50 230 755 328
Po spuštění: Volných bajtů: 50 240 815 104
.
- - End Of File - - C5A4C433A7BEEB8CBB1793F8DE4A9E0B

#6 Příspěvek od **Roli** » 19 zář 2011 08:34

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\tasks\At*.job /s
C:\FOUND.*

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

Tohle :

c:\windows\system32\acovcnt.exe

otestuj na VIRUSTOTAL

(po načtení stránky klikni na tlačítko Procházet, najdi cestu k výše zmíněnému souboru a klikni na tlačítko Odeslat soubor

trvá to okolo deseti minut pak mi sem zkopíruj link, to je ten řádek nahoře v prohlížeči)

Pokud ti to napíše že soubor již byl testován nech otestovat znovu.

kachna20 · #7 Příspěvek od **kachna20** » 19 zář 2011 17:17

Ahoj, tady je link:
http://www.virustotal.com/file-scan/rep ... 1316448174

A tady je log.

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\System32\ConduitEngine.tmp moved successfully.
C:\WINDOWS\000001_.tmp moved successfully.
C:\WINDOWS\002729_.tmp moved successfully.
File/Folder C:\WINDOWS\tasks\At*.job not found.
C:\FOUND.000 folder moved successfully.
C:\FOUND.002 folder moved successfully.
C:\FOUND.269 folder moved successfully.
C:\FOUND.001 folder moved successfully.
C:\FOUND.003 folder moved successfully.
C:\FOUND.004 folder moved successfully.
C:\FOUND.005 folder moved successfully.
C:\FOUND.006 folder moved successfully.
C:\FOUND.007 folder moved successfully.
C:\FOUND.008 folder moved successfully.
C:\FOUND.009 folder moved successfully.
C:\FOUND.010 folder moved successfully.
C:\FOUND.011 folder moved successfully.
C:\FOUND.012 folder moved successfully.
C:\FOUND.013 folder moved successfully.
C:\FOUND.014 folder moved successfully.
C:\FOUND.015 folder moved successfully.
C:\FOUND.016 folder moved successfully.
C:\FOUND.017 folder moved successfully.
C:\FOUND.018 folder moved successfully.
C:\FOUND.019 folder moved successfully.
C:\FOUND.020 folder moved successfully.
C:\FOUND.021 folder moved successfully.
C:\FOUND.022 folder moved successfully.
C:\FOUND.023 folder moved successfully.
C:\FOUND.024 folder moved successfully.
C:\FOUND.025 folder moved successfully.
C:\FOUND.026 folder moved successfully.
C:\FOUND.027 folder moved successfully.
C:\FOUND.028 folder moved successfully.
C:\FOUND.029 folder moved successfully.
C:\FOUND.030 folder moved successfully.
C:\FOUND.031 folder moved successfully.
C:\FOUND.032 folder moved successfully.
C:\FOUND.033 folder moved successfully.
C:\FOUND.034 folder moved successfully.
C:\FOUND.035 folder moved successfully.
C:\FOUND.036 folder moved successfully.
C:\FOUND.037 folder moved successfully.
C:\FOUND.038 folder moved successfully.
C:\FOUND.039 folder moved successfully.
C:\FOUND.040 folder moved successfully.
C:\FOUND.041 folder moved successfully.
C:\FOUND.042 folder moved successfully.
C:\FOUND.043 folder moved successfully.
C:\FOUND.044 folder moved successfully.
C:\FOUND.045 folder moved successfully.
C:\FOUND.046 folder moved successfully.
C:\FOUND.047 folder moved successfully.
C:\FOUND.048 folder moved successfully.
C:\FOUND.049 folder moved successfully.
C:\FOUND.050 folder moved successfully.
C:\FOUND.051 folder moved successfully.
C:\FOUND.052 folder moved successfully.
C:\FOUND.053 folder moved successfully.
C:\FOUND.054 folder moved successfully.
C:\FOUND.055 folder moved successfully.
C:\FOUND.056 folder moved successfully.
C:\FOUND.057 folder moved successfully.
C:\FOUND.058 folder moved successfully.
C:\FOUND.059 folder moved successfully.
C:\FOUND.060 folder moved successfully.
C:\FOUND.061 folder moved successfully.
C:\FOUND.062 folder moved successfully.
C:\FOUND.063 folder moved successfully.
C:\FOUND.064 folder moved successfully.
C:\FOUND.065 folder moved successfully.
C:\FOUND.066 folder moved successfully.
C:\FOUND.067 folder moved successfully.
C:\FOUND.068 folder moved successfully.
C:\FOUND.069 folder moved successfully.
C:\FOUND.070 folder moved successfully.
C:\FOUND.071 folder moved successfully.
C:\FOUND.072 folder moved successfully.
C:\FOUND.073 folder moved successfully.
C:\FOUND.074 folder moved successfully.
C:\FOUND.075 folder moved successfully.
C:\FOUND.076 folder moved successfully.
C:\FOUND.077 folder moved successfully.
C:\FOUND.078 folder moved successfully.
C:\FOUND.079 folder moved successfully.
C:\FOUND.080 folder moved successfully.
C:\FOUND.081 folder moved successfully.
C:\FOUND.082 folder moved successfully.
C:\FOUND.083 folder moved successfully.
C:\FOUND.084 folder moved successfully.
C:\FOUND.085 folder moved successfully.
C:\FOUND.086 folder moved successfully.
C:\FOUND.087 folder moved successfully.
C:\FOUND.088 folder moved successfully.
C:\FOUND.089 folder moved successfully.
C:\FOUND.090 folder moved successfully.
C:\FOUND.091 folder moved successfully.
C:\FOUND.092 folder moved successfully.
C:\FOUND.093 folder moved successfully.
C:\FOUND.094 folder moved successfully.
C:\FOUND.095 folder moved successfully.
C:\FOUND.096 folder moved successfully.
C:\FOUND.097 folder moved successfully.
C:\FOUND.098 folder moved successfully.
C:\FOUND.099 folder moved successfully.
C:\FOUND.100 folder moved successfully.
C:\FOUND.101 folder moved successfully.
C:\FOUND.102 folder moved successfully.
C:\FOUND.103 folder moved successfully.
C:\FOUND.104 folder moved successfully.
C:\FOUND.105 folder moved successfully.
C:\FOUND.106 folder moved successfully.
C:\FOUND.107 folder moved successfully.
C:\FOUND.108 folder moved successfully.
C:\FOUND.109 folder moved successfully.
C:\FOUND.110 folder moved successfully.
C:\FOUND.111 folder moved successfully.
C:\FOUND.112 folder moved successfully.
C:\FOUND.113 folder moved successfully.
C:\FOUND.114 folder moved successfully.
C:\FOUND.115 folder moved successfully.
C:\FOUND.116 folder moved successfully.
C:\FOUND.117 folder moved successfully.
C:\FOUND.118 folder moved successfully.
C:\FOUND.119 folder moved successfully.
C:\FOUND.120 folder moved successfully.
C:\FOUND.121 folder moved successfully.
C:\FOUND.122 folder moved successfully.
C:\FOUND.123 folder moved successfully.
C:\FOUND.124 folder moved successfully.
C:\FOUND.125 folder moved successfully.
C:\FOUND.126 folder moved successfully.
C:\FOUND.127 folder moved successfully.
C:\FOUND.128 folder moved successfully.
C:\FOUND.129 folder moved successfully.
C:\FOUND.130 folder moved successfully.
C:\FOUND.131 folder moved successfully.
C:\FOUND.132 folder moved successfully.
C:\FOUND.133 folder moved successfully.
C:\FOUND.134 folder moved successfully.
C:\FOUND.135 folder moved successfully.
C:\FOUND.136 folder moved successfully.
C:\FOUND.137 folder moved successfully.
C:\FOUND.138 folder moved successfully.
C:\FOUND.139 folder moved successfully.
C:\FOUND.140 folder moved successfully.
C:\FOUND.141 folder moved successfully.
C:\FOUND.142 folder moved successfully.
C:\FOUND.143 folder moved successfully.
C:\FOUND.144 folder moved successfully.
C:\FOUND.145 folder moved successfully.
C:\FOUND.146 folder moved successfully.
C:\FOUND.147 folder moved successfully.
C:\FOUND.148 folder moved successfully.
C:\FOUND.149 folder moved successfully.
C:\FOUND.150 folder moved successfully.
C:\FOUND.151 folder moved successfully.
C:\FOUND.152 folder moved successfully.
C:\FOUND.153 folder moved successfully.
C:\FOUND.154 folder moved successfully.
C:\FOUND.155 folder moved successfully.
C:\FOUND.156 folder moved successfully.
C:\FOUND.157 folder moved successfully.
C:\FOUND.158 folder moved successfully.
C:\FOUND.165 folder moved successfully.
C:\FOUND.166 folder moved successfully.
C:\FOUND.159 folder moved successfully.
C:\FOUND.160 folder moved successfully.
C:\FOUND.161 folder moved successfully.
C:\FOUND.162 folder moved successfully.
C:\FOUND.163 folder moved successfully.
C:\FOUND.164 folder moved successfully.
C:\FOUND.167 folder moved successfully.
C:\FOUND.168 folder moved successfully.
C:\FOUND.169 folder moved successfully.
C:\FOUND.170 folder moved successfully.
C:\FOUND.171 folder moved successfully.
C:\FOUND.172 folder moved successfully.
C:\FOUND.173 folder moved successfully.
C:\FOUND.174 folder moved successfully.
C:\FOUND.175 folder moved successfully.
C:\FOUND.176 folder moved successfully.
C:\FOUND.177 folder moved successfully.
C:\FOUND.178 folder moved successfully.
C:\FOUND.179 folder moved successfully.
C:\FOUND.180 folder moved successfully.
C:\FOUND.181 folder moved successfully.
C:\FOUND.182 folder moved successfully.
C:\FOUND.183 folder moved successfully.
C:\FOUND.184 folder moved successfully.
C:\FOUND.185 folder moved successfully.
C:\FOUND.186 folder moved successfully.
C:\FOUND.187 folder moved successfully.
C:\FOUND.188 folder moved successfully.
C:\FOUND.189 folder moved successfully.
C:\FOUND.190 folder moved successfully.
C:\FOUND.191 folder moved successfully.
C:\FOUND.192 folder moved successfully.
C:\FOUND.193 folder moved successfully.
C:\FOUND.194 folder moved successfully.
C:\FOUND.195 folder moved successfully.
C:\FOUND.196 folder moved successfully.
C:\FOUND.197 folder moved successfully.
C:\FOUND.198 folder moved successfully.
C:\FOUND.199 folder moved successfully.
C:\FOUND.200 folder moved successfully.
C:\FOUND.201 folder moved successfully.
C:\FOUND.202 folder moved successfully.
C:\FOUND.203 folder moved successfully.
C:\FOUND.204 folder moved successfully.
C:\FOUND.205 folder moved successfully.
C:\FOUND.206 folder moved successfully.
C:\FOUND.207 folder moved successfully.
C:\FOUND.208 folder moved successfully.
C:\FOUND.209 folder moved successfully.
C:\FOUND.210 folder moved successfully.
C:\FOUND.211 folder moved successfully.
C:\FOUND.212 folder moved successfully.
C:\FOUND.213 folder moved successfully.
C:\FOUND.214 folder moved successfully.
C:\FOUND.215 folder moved successfully.
C:\FOUND.216 folder moved successfully.
C:\FOUND.217 folder moved successfully.
C:\FOUND.218 folder moved successfully.
C:\FOUND.219 folder moved successfully.
C:\FOUND.220 folder moved successfully.
C:\FOUND.221 folder moved successfully.
C:\FOUND.222 folder moved successfully.
C:\FOUND.223 folder moved successfully.
C:\FOUND.224 folder moved successfully.
C:\FOUND.225 folder moved successfully.
C:\FOUND.226 folder moved successfully.
C:\FOUND.227 folder moved successfully.
C:\FOUND.228 folder moved successfully.
C:\FOUND.229 folder moved successfully.
C:\FOUND.230 folder moved successfully.
C:\FOUND.231 folder moved successfully.
C:\FOUND.232 folder moved successfully.
C:\FOUND.233 folder moved successfully.
C:\FOUND.234 folder moved successfully.
C:\FOUND.235 folder moved successfully.
C:\FOUND.236 folder moved successfully.
C:\FOUND.237 folder moved successfully.
C:\FOUND.238 folder moved successfully.
C:\FOUND.239 folder moved successfully.
C:\FOUND.240 folder moved successfully.
C:\FOUND.241 folder moved successfully.
C:\FOUND.242 folder moved successfully.
C:\FOUND.243 folder moved successfully.
C:\FOUND.244 folder moved successfully.
C:\FOUND.245 folder moved successfully.
C:\FOUND.246 folder moved successfully.
C:\FOUND.247 folder moved successfully.
C:\FOUND.248 folder moved successfully.
C:\FOUND.249 folder moved successfully.
C:\FOUND.250 folder moved successfully.
C:\FOUND.251 folder moved successfully.
C:\FOUND.252 folder moved successfully.
C:\FOUND.253 folder moved successfully.
C:\FOUND.254 folder moved successfully.
C:\FOUND.255 folder moved successfully.
C:\FOUND.256 folder moved successfully.
C:\FOUND.257 folder moved successfully.
C:\FOUND.258 folder moved successfully.
C:\FOUND.259 folder moved successfully.
C:\FOUND.260 folder moved successfully.
C:\FOUND.261 folder moved successfully.
C:\FOUND.262 folder moved successfully.
C:\FOUND.263 folder moved successfully.
C:\FOUND.264 folder moved successfully.
C:\FOUND.265 folder moved successfully.
C:\FOUND.266 folder moved successfully.
C:\FOUND.267 folder moved successfully.
C:\FOUND.268 folder moved successfully.
C:\FOUND.270 folder moved successfully.
C:\FOUND.271 folder moved successfully.
C:\FOUND.272 folder moved successfully.
C:\FOUND.273 folder moved successfully.
C:\FOUND.274 folder moved successfully.
C:\FOUND.275 folder moved successfully.
C:\FOUND.276 folder moved successfully.
C:\FOUND.277 folder moved successfully.
C:\FOUND.278 folder moved successfully.
C:\FOUND.279 folder moved successfully.
C:\FOUND.280 folder moved successfully.
C:\FOUND.281 folder moved successfully.
C:\FOUND.282 folder moved successfully.
C:\FOUND.283 folder moved successfully.
C:\FOUND.284 folder moved successfully.
C:\FOUND.285 folder moved successfully.
C:\FOUND.286 folder moved successfully.
C:\FOUND.287 folder moved successfully.
C:\FOUND.288 folder moved successfully.
C:\FOUND.289 folder moved successfully.
C:\FOUND.290 folder moved successfully.
C:\FOUND.291 folder moved successfully.
C:\FOUND.292 folder moved successfully.
C:\FOUND.293 folder moved successfully.
C:\FOUND.294 folder moved successfully.
C:\FOUND.295 folder moved successfully.
C:\FOUND.296 folder moved successfully.
C:\FOUND.297 folder moved successfully.
C:\FOUND.298 folder moved successfully.
C:\FOUND.299 folder moved successfully.
C:\FOUND.300 folder moved successfully.
C:\FOUND.301 folder moved successfully.
C:\FOUND.302 folder moved successfully.
C:\FOUND.303 folder moved successfully.
C:\FOUND.304 folder moved successfully.
C:\FOUND.305 folder moved successfully.
C:\FOUND.306 folder moved successfully.
C:\FOUND.307 folder moved successfully.
C:\FOUND.308 folder moved successfully.
C:\FOUND.309 folder moved successfully.
C:\FOUND.310 folder moved successfully.
C:\FOUND.311 folder moved successfully.
C:\FOUND.312 folder moved successfully.
C:\FOUND.313 folder moved successfully.
C:\FOUND.314 folder moved successfully.
C:\FOUND.315 folder moved successfully.
C:\FOUND.316 folder moved successfully.
C:\FOUND.317 folder moved successfully.
C:\FOUND.318 folder moved successfully.
C:\FOUND.319 folder moved successfully.
C:\FOUND.320 folder moved successfully.
C:\FOUND.321 folder moved successfully.
C:\FOUND.322 folder moved successfully.
C:\FOUND.323 folder moved successfully.
C:\FOUND.324 folder moved successfully.
C:\FOUND.325 folder moved successfully.
C:\FOUND.326 folder moved successfully.
C:\FOUND.327 folder moved successfully.
C:\FOUND.328 folder moved successfully.
C:\FOUND.329 folder moved successfully.
C:\FOUND.330 folder moved successfully.
C:\FOUND.331 folder moved successfully.
C:\FOUND.332 folder moved successfully.
C:\FOUND.333 folder moved successfully.
C:\FOUND.334 folder moved successfully.
C:\FOUND.335 folder moved successfully.
C:\FOUND.336 folder moved successfully.
C:\FOUND.337 folder moved successfully.
C:\FOUND.338 folder moved successfully.
C:\FOUND.340 folder moved successfully.
C:\FOUND.341 folder moved successfully.
C:\FOUND.339 folder moved successfully.
C:\FOUND.342 folder moved successfully.
C:\FOUND.343 folder moved successfully.
C:\FOUND.344 folder moved successfully.
C:\FOUND.345 folder moved successfully.
C:\FOUND.346 folder moved successfully.
C:\FOUND.347 folder moved successfully.
C:\FOUND.348 folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 75 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 75 bytes

User: Kachna
->Temp folder emptied: 16384 bytes
->Temporary Internet Files folder emptied: 7815302 bytes
->FireFox cache emptied: 99056083 bytes
->Google Chrome cache emptied: 36346473 bytes
->Opera cache emptied: 14654019 bytes
->Flash cache emptied: 14749519 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23342 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 165,00 mb

OTM by OldTimer - Version 3.1.18.0 log created on 09192011_175413

Files moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_2e8.dat moved successfully.

Registry entries deleted on Reboot...

#8 Příspěvek od **Roli** » 19 zář 2011 20:09

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.

Pak dej vědět jaký je stav PC.

kachna20 · #9 Příspěvek od **kachna20** » 19 zář 2011 21:55

Čau...
díky moc za všechny rady a pomoc. PC funguje uplně v pohodě

) jetě jednou dík, konečně mi někdo helfnul...

#10 Příspěvek od **Roli** » 20 zář 2011 14:04

Není zač a kdyby zase byl nějaký problém klidně písni

Měj se.

VIRY.CZ

nemohu nainstalovat Office

nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office

Re: nemohu nainstalovat Office