
HELP PLEASE

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

#1 Post by abdul99 »

Hello. Today I accidentally opened a spam e-mail, and since then the following has been appearing in the top left corner of the window in both Mozilla and Explorer: Detection V:2,loaded:212.179.38.67,site:16615,url:TB_CooolSoft
or
Detection V:2,loaded:10.218.73.247,site:16615,url:
Does anyone know what to do about this, please? Thank you very much for any advice.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2011-10-17 22:08:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 31 GB (52%) free of 60 GB
Total RAM: 1788 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:03, on 17.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\idt\wdm\STacSV.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\VMware\VMware Player\hqtray.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Trayer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\VMware\VMware Player\vmware-authd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Uživatel\Plocha\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... ritage.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... ritage.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Complitly - {D27FC31C-6E3D-4305-8D53-ACDAEFA5F862} - C:\Documents and Settings\Uživatel\Data aplikací\ComplitlyEngine\ComplitlyEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 4] "C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe"
O4 - HKCU\..\Run: [Core Temp] "C:\Program Files\Core Temp\Core Temp.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Trayer.lnk = C:\Program Files\Trayer.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Trayer.lnk = C:\Program Files\Trayer.exe (User 'Default user')
O4 - Startup: Trayer.lnk = C:\Program Files\Trayer.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - c:\program files\idt\wdm\STacSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 10044 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9D3722B8-9C39-44F8-8D83-E5790B933727}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "wrc@avast.com:6.0.1289, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.17, {33e0daa6-3af3-d8b5-6752-10e949c61516}:1.1, engine@conduit.com:3.3.3.2, {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.5.0.12, iobit@mybrowserbar.com:4.6, wtxpcom@mybrowserbar.com:4.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =382950&p="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npBitCometAgent.dll
npnul32.dll
nppdf32.dll
npPDFXCviewNPPlugin.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
completebartb.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default\extensions\
engine@conduit.com
{20a82645-c095-46ed-80e3-08825760534b}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash

C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BDA0769-FD72-49F4-9266-E1FB004F4D8F}]
IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\prxtbBit0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D27FC31C-6E3D-4305-8D53-ACDAEFA5F862}]
Complitly - C:\Documents and Settings\Uživatel\Data aplikací\ComplitlyEngine\ComplitlyEngine.dll [2011-04-17 139768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files\BitTorrentBar\prxtbBit0.dll [2011-05-09 176936]
{0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - IObit Toolbar - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll [2011-08-17 734048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304]
"VMware hqtray"=C:\Program Files\VMware\VMware Player\hqtray.exe [2010-03-31 64048]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2011-06-21 225280]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-11-24 94208]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-08-09 417112]
"Core Temp"=C:\Program Files\Core Temp\Core Temp.exe [2011-09-02 722384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
C:\WINDOWS\system32\AESTFltr.exe [2009-04-21 737280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2003-06-12 114688]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Po spuštění
Trayer.lnk - C:\Program Files\Trayer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-10 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VMware\VMware Player\vmware-authd.exe"="C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Codemasters\MTV Music Generator\client.exe"="C:\Codemasters\MTV Music Generator\client.exe:*:Enabled:m2kpc"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VMware\VMware Player\vmware-authd.exe"="C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.VMnc"=vmnc.dll
"vidc.ffds"=ffdshow.ax
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.WMV3"=wmv9vcm.dll
"msacm.ac3filter"=ac3filter.acm
"vidc.divx"=divx.dll
"vidc.div4"=DivXc32f.dll
"vidc.div3"=DivXc32.dll
"vidc.xvid"=xvid.dll
"vidc.mp43"=mpg4c32.dll
"msacm.l3radius"=l3codecp.acm
"msacm.divxa"=divxa32.acm
"msacm.vorbis"=Vorbis.acm
"msacm.a3d"=a3d.dll
"msacm.ogg"=ogg.dll
"msacm.vorbisenc"=vorbisenc.dll
"vidc.mjpg"=pvmjpg30.dll

======List of files/folders created in the last 1 month======

2011-10-17 22:08:52 ----D---- C:\rsit
2011-10-17 22:08:52 ----D---- C:\Program Files\trend micro
2011-10-16 15:39:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ERS G-Studio
2011-10-16 15:39:04 ----D---- C:\Program Files\Serif Standa
2011-10-16 03:32:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2447961_WM9L$
2011-10-15 20:56:36 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DivX
2011-10-15 20:54:58 ----A---- C:\WINDOWS\system32\drivers\MarvinBus.sys
2011-10-15 20:54:46 ----D---- C:\Program Files\Common Files\Pinnacle
2011-10-15 20:53:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate Collection
2011-10-15 20:48:28 ----D---- C:\Program Files\Common Files\Pegasus Imaging
2011-10-15 20:48:26 ----D---- C:\Program Files\Common Files\Yahoo!
2011-10-15 20:48:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Studio 14
2011-10-15 20:48:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
2011-10-15 20:44:45 ----D---- C:\Program Files\Pinnacle
2011-10-15 20:43:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2011-10-15 20:09:32 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-10-15 12:04:04 ----D---- C:\Program Files\TerraTec
2011-10-15 10:55:30 ----RA---- C:\WINDOWS\system32\drivers\p2usbwdm.sys
2011-10-15 10:52:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\InterVideo
2011-10-15 10:37:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallShield
2011-10-15 10:36:52 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2011-10-15 10:36:52 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2011-10-15 10:36:52 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2011-10-15 10:36:52 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2011-10-15 10:36:52 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2011-10-15 10:36:52 ----A---- C:\WINDOWS\system32\IVIresize.dll
2011-10-15 10:36:10 ----D---- C:\WINDOWS\system32\windows media
2011-10-15 10:35:59 ----D---- C:\WINDOWS\RegisteredPackages
2011-10-15 10:35:58 ----HD---- C:\WINDOWS\msdownld.tmp
2011-10-15 10:35:52 ----D---- C:\Program Files\Windows Media Components
2011-10-15 10:29:17 ----D---- C:\Program Files\Common Files\Ulead Systems
2011-10-15 10:29:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
2011-10-13 14:20:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-13 14:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-13 14:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-09 22:14:19 ----A---- C:\WINDOWS\d3dx.dat
2011-10-09 22:14:16 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\BlamGames
2011-10-09 22:13:50 ----D---- C:\Program Files\Auta snu
2011-10-07 22:22:46 ----A---- C:\WINDOWS\moto.INI
2011-10-07 22:08:55 ----D---- C:\Program Files\MotoRacer
2011-10-07 21:40:59 ----D---- C:\Program Files\Electronic Arts
2011-10-07 21:40:48 ----A---- C:\WINDOWS\uninst.exe
2011-10-06 20:25:40 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\PriceGong
2011-10-03 17:23:43 ----RA---- C:\WINDOWS\system32\drivers\RimSerial.sys
2011-10-03 17:08:29 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-10-03 17:08:25 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-10-03 17:07:22 ----D---- C:\Program Files\Common Files\Research In Motion
2011-09-29 21:20:50 ----D---- C:\Program Files\Speccy
2011-09-29 18:01:26 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\GARMIN
2011-09-29 18:01:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\GARMIN
2011-09-29 18:00:34 ----D---- C:\Garmin
2011-09-29 13:57:31 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Search Settings
2011-09-29 13:57:26 ----D---- C:\Program Files\IObit Toolbar
2011-09-29 13:57:26 ----D---- C:\Program Files\Application Updater
2011-09-21 18:54:33 ----D---- C:\Program Files\Core Temp

======List of files/folders modified in the last 1 month======

2011-10-17 22:08:57 ----D---- C:\WINDOWS\Prefetch
2011-10-17 22:08:52 ----RD---- C:\Program Files
2011-10-17 22:07:49 ----D---- C:\WINDOWS\Temp
2011-10-17 21:15:32 ----SHD---- C:\WINDOWS\Installer
2011-10-17 20:52:50 ----D---- C:\WINDOWS
2011-10-17 20:35:49 ----D---- C:\Program Files\Google
2011-10-17 20:35:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-10-17 20:30:42 ----SD---- C:\WINDOWS\Tasks
2011-10-17 20:29:24 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Media Player Classic
2011-10-17 20:26:50 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-17 20:26:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2011-10-17 20:24:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-17 20:24:39 ----D---- C:\WINDOWS\system32
2011-10-17 20:24:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-17 20:20:12 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-17 15:13:48 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\BitTorrent
2011-10-16 19:55:13 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-16 15:38:19 ----D---- C:\Program Files\Utajeny svet umeni 2
2011-10-16 15:03:20 ----D---- C:\WINDOWS\Debug
2011-10-16 13:05:52 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Vso
2011-10-16 03:32:09 ----HD---- C:\WINDOWS\inf
2011-10-15 20:55:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-10-15 20:55:02 ----D---- C:\WINDOWS\system32\drivers
2011-10-15 20:54:46 ----D---- C:\Program Files\Common Files
2011-10-15 20:52:24 ----RSD---- C:\WINDOWS\Fonts
2011-10-15 20:49:14 ----D---- C:\WINDOWS\WinSxS
2011-10-15 20:09:51 ----D---- C:\WINDOWS\system32\mui
2011-10-15 20:09:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-15 12:03:36 ----A---- C:\WINDOWS\win.ini
2011-10-15 11:56:49 ----D---- C:\WINDOWS\system32\config
2011-10-15 10:37:08 ----D---- C:\Program Files\Common Files\InstallShield
2011-10-15 10:36:46 ----D---- C:\Program Files\InterVideo
2011-10-13 20:12:29 ----RSD---- C:\WINDOWS\assembly
2011-10-13 20:08:26 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-13 14:15:36 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-13 14:15:20 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-13 14:15:11 ----D---- C:\Program Files\Internet Explorer
2011-10-13 14:14:58 ----D---- C:\WINDOWS\ie8updates
2011-10-06 20:26:15 ----D---- C:\Program Files\BitTorrentBar
2011-10-05 16:23:24 ----D---- C:\Program Files\DOSBox-0.74
2011-10-03 17:23:45 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-10-03 10:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-09-29 13:57:26 ----D---- C:\Program Files\Common Files\Spigot
2011-09-28 20:36:06 ----D---- C:\Program Files\Mozilla Firefox
2011-09-28 13:55:58 ----A---- C:\WINDOWS\MyHeritage.INI
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\uiautomationcore.dll
2011-09-26 11:41:42 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2011-09-26 11:41:20 ----A---- C:\WINDOWS\system32\oleacc.dll
2011-09-21 23:50:17 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 SmartDefragDriver;SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 vax347b;vax347b; C:\WINDOWS\system32\DRIVERS\vax347b.sys [2005-07-08 159616]
R0 vax347s;vax347s; C:\WINDOWS\System32\Drivers\vax347s.sys [2004-04-30 5248]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslc468177e;MpKslc468177e; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1031FD7C-98EC-4BB9-96F3-54D0B765602F}\MpKslc468177e.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys []
R2 vmci;VMware vmci; \??\C:\WINDOWS\system32\Drivers\vmci.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2010-03-31 31280]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Player\vstor2-ws60.sys []
R3 AESTAud;AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-04-21 113664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-08-13 1163328]
R3 ALSysIO;ALSysIO; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-10 4614144]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2010-09-22 2696448]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-11-19 556200]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2010-01-15 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2010-04-01 911400]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-11-19 118440]
R3 btwmodem;Modem Bluetooth; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2010-01-15 37032]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2010-04-15 51752]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-11-09 47360]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2009-04-14 3732608]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-11-27 177152]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2010-03-17 1659283]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2010-03-31 16560]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 MpKsl2cb7c89a;MpKsl2cb7c89a; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsl2cb7c89a.sys []
S1 MpKsla0ed4c17;MpKsla0ed4c17; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsla0ed4c17.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 iComp;Python2 USB WDM Encoder; C:\WINDOWS\system32\DRIVERS\p2usbwdm.sys [2005-04-27 1548800]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\WINDOWS\System32\Drivers\RimUsb.sys [2011-02-16 64000]
S3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-27 14336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-10 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2010-04-12 365912]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 STacSV;Audio Service; c:\program files\idt\wdm\STacSV.exe [2010-03-17 229458]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Player\vmware-authd.exe [2010-03-31 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2010-03-31 326192]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2010-03-31 399920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-09 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-09 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Player\vmware-ufad.exe [2008-12-01 191024]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2011-10-17 22:09:06

======Uninstall list======

-->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec /X{11AE6807-50D2-4F59-82B3-2C3E695E94C2}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
4Videosoft MKV Video Converter-->"C:\Program Files\4Videosoft Studio\4Videosoft MKV Video Converter\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10x_Plugin.exe -maintain plugin
Adobe Reader 9.4.6 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
Advanced SystemCare 4-->"C:\Program Files\IObit\Advanced SystemCare 4\unins000.exe"
Aktualizace systému Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB2447568)-->"C:\WINDOWS\ie8updates\KB2447568-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2492386)-->"C:\WINDOWS\$NtUninstallKB2492386$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Encoder (KB2447961)-->"C:\WINDOWS\$NtUninstallKB2447961_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2482017)-->"C:\WINDOWS\$NtUninstallKB2482017$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
AMD Processor Driver-->C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0005 -removeonly
AMD USB Filter Driver-->MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850}
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ashampoo Burning Studio 6-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6\Uninstall\BS6_Uninstall.EXE"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATLAS Czech 2011 NT-->MsiExec.exe /X{A5A82A64-AA95-4BB0-8270-371BE1ADD26A}
Audacity 1.2.3-->"C:\Program Files\Audacity\unins000.exe"
Auta snů 1.0-->"C:\Program Files\Auta snu\unins000.exe"
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Bezdrátový adaptér Broadcom 802.11 LAN-->"C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
BitTorrent-->"C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
BitTorrentBar Toolbar-->C:\Program Files\BitTorrentBar\uninstall.exe
BlackBerry Device Software Updater-->MsiExec.exe /X{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}
Broadcom 2070 Bluetooth 3.0-->MsiExec.exe /X{F48BE301-EC78-4686-B580-EE4934558798}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cinderella-->C:\Program Files\EDDICA\cinderella\uninst.exe
Clean My Registry v5.0-->"C:\Program Files\Smart PC Solutions\Clean My Registry\unins000.exe"
CloneCD-->"C:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="C:\Program Files\SlySoft\CloneCD"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
ComplitlyEngine-->"C:\Program Files\ComplitlyEngine\unins000.exe"
Core Temp 1.0 RC2-->"C:\Program Files\Core Temp\unins000.exe"
DVD and CD Cover Print-->C:\WINDOWS\system32\UNWISE.EXE C:\WINDOWS\system32\INSTALL.LOG
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.8.5-->"C:\Program Files\DVDFab 5\unins000.exe"
Farm Frenzy 3: Madagascar-->C:\Program Files\Alawarhry.cz\Farm Frenzy 3 Madagascar\Uninstall.exe
Firebird SQL Server - MAGIX Edition-->MsiExec.exe /X{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Governor of Poker 2 Premium Edition v1.0 Multi-->"C:\Program Files\Governor of Poker 2 Premium Edition\unins000.exe"
Grabster AV 400-->MsiExec.exe /I{1E61538A-D482-4252-BBB7-D892FD52FC50}
Guitar Pro 5.2-->"C:\Program Files\Guitar Pro 5\unins000.exe"
Harry Potter TM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F50AF3B-8997-4916-0095-99D63DDB785A}\setup.exe" -l0x9 Uninstall
Heroes of Might and Magic III Complete-->C:\Program Files\InstallShield Installation Information\{EDFB64A7-5BFD-4137-943D-5663149A15F5}\setup.exe -runfromtemp -l0x0405
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IDT Audio-->"C:\Program Files\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -runfromtemp -l0x0005 -remove -removeonly
InterVideo WinDVD 4-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
IObit Toolbar v4.6-->MsiExec.exe /X{29D4D03C-F70B-43d9-82E4-6E5696FB0D1D}
Kodek 0.16 CZ-->"C:\Program Files\Kodek CZ\unins000.exe"
Magic DVD Ripper V5.4.2-->"C:\Program Files\MagicDVDRipper\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}
Microsoft Security Client-->MsiExec.exe /I{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Moto Racer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\MotoRacer\DeIsL1.isu"
Mozilla Firefox (3.6.23)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
MTV Music Generator-->C:\WINDOWS\IsUninst.exe -f"C:\Codemasters\MTV Music Generator\Uninst.isu"
MyHeritage Family Tree Builder-->C:\Program Files\MyHeritage\Bin\Uninstall.exe
Native Instruments Traktor DJ Mixer v1.0-->C:\PROGRA~1\NATIVE~1\TRAKTO~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\TRAKTO~1\INSTALL.LOG
Nero 7 Demo-->MsiExec.exe /I{368E88DE-E5D2-83E7-11AF-23375B581029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA GAME System Software 2.8.1-->MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}
NVIDIA PhysX v8.05.26-->MsiExec.exe /X{11AE6807-50D2-4F59-82B3-2C3E695E94C2}
Ogg Vorbis ACM Codec-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_ACM 132 C:\WINDOWS\INF\Vorbis.inf
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{3E1AB596-4F70-4DA9-8BB7-703B8E78EDC6}
Oprava hotfix aplikace Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
PDF-Viewer-->"C:\Program Files\Tracker Software\PDF Viewer\unins000.exe"
Pinnacle Studio 14-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}
QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x5 -removeonly
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Simulátor stavby - Jeřáb-->"C:\Program Files\TopCD\Simulátor stavby - Jeřáb\unins000.exe"
Smart Defrag 2-->"C:\Program Files\IObit\Smart Defrag 2\unins000.exe"
Speccy-->"C:\Program Files\Speccy\uninst.exe"
Texas Hold'em Poker 3D - Deluxe Edition 1.0-->"C:\Program Files\Play+Smile\Texas Hold'em Poker 3D - Deluxe Edition\unins000.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Total Video Converter 3.20 090114-->"C:\Program Files\Total Video Converter\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 1.1.9-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VMware Player-->MsiExec.exe /I{A53A11EA-0095-493F-86FA-A15E8A86A405}
Vypnutí PC-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Project1\ST6UNST.LOG"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Management Framework Core-->"C:\WINDOWS\$968930Uinstall_KB968930$\spuninst\spuninst.exe"
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
X2X Free 3GP Converter 3.1-->"C:\Program Files\X2Xsoft\Free 3GP Converter\unins000.exe"
XP Codec Pack-->C:\Program Files\XP Codec Pack\Uninstall.exe
Zoner Photo Studio 12-->"C:\Program Files\Zoner\Photo Studio 12\unins000.exe" /SILENT /SILENT

======Security center information======

AV: Microsoft Security Essentials
AV: avast! Antivirus
AV: Microsoft Security Essentials (disabled)

======System event log======

Computer Name: U-46C323A92BA74
Event Code: 62464
Message: UVD Information

Record Number: 123613
Source Name: ati2mtag
Time Written: 20111015010108.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 62464
Message: UVD Information

Record Number: 123612
Source Name: ati2mtag
Time Written: 20111015010103.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 62464
Message: UVD Information

Record Number: 123611
Source Name: ati2mtag
Time Written: 20111015010103.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 62464
Message: UVD Information

Record Number: 123610
Source Name: ati2mtag
Time Written: 20111015010103.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 62464
Message: UVD Information

Record Number: 123609
Source Name: ati2mtag
Time Written: 20111015010103.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: U-46C323A92BA74
Event Code: 1000
Message: Using configuration file: C:\Documents and Settings\All Users\Data aplikací\VMware\vmnetnat.conf.
IP address: 192.168.88.2
Subnet: 255.255.255.0
External IP address: 0.0.0.0
Device: vmnet8.
MAC address: 00:50:56:FE:68:68.
Ignoring host MAC address: 00:50:56:C0:00:08.


Record Number: 4411
Source Name: VMware NAT Service
Time Written: 20110628174416.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 1000
Message: Service started

Record Number: 4410
Source Name: VMware NAT Service
Time Written: 20110628174416.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 0
Message:
Record Number: 4409
Source Name: gupdate
Time Written: 20110628174404.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 0
Message:
Record Number: 4408
Source Name: Fabs
Time Written: 20110628174404.000000+120
Event Type: Informace
User:

Computer Name: U-46C323A92BA74
Event Code: 5000
Message: EventType mptelemetry, P1 8024402c, P2 endsearch, P3 search, P4 3.0.8107.0, P5 mpsigdwn.dll, P6 3.0.8107.0, P7 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P8 NIL, P9 NIL, P10 NIL.

Record Number: 4407
Source Name: MPSampleSubmission
Time Written: 20110627235013.000000+120
Event Type: Chyba
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Acronis\SnapAPI\;C:\Program Files\QuickTime\QTSystem\;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Pinnacle\Shared Files\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=x86 Family 16 Model 6 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0603
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#2 Post by Roli »

Hello, first of all, via Start >> Control Panel >> Add or Remove Programs, uninstall one of the antiviruses,

because you have two there, AVAST and MSIE; I would keep Avast

and next also Advanced SystemCare


Fix this in HJT:

R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"



You will find HJT here:

C:\Program Files\trend micro\Uživatel.exe

Fix means that you run HJT as admin,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a box, which you tick,

then click Fix checked, which is at the bottom left,

the program will ask whether you really want to; YES, you of course agree to that, and it's done.


Delete unnecessary files

using CCleaner

instructions:

Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin

Registry - here you clean the registry (before use I recommend making a backup of it, which CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:
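
The fix list from the post above treated as data, in an added Python example that is not part of the original post and is not HijackThis code: it parses the listed lines, groups the browser hooks by CLSID (case-normalised, since the same GUID appears in both upper and lower case in these logs), and reports any component for which only some of its entries were ticked. The function names and the "checked" selection in the demo are assumptions made for this example.

```python
import re
from collections import defaultdict

# Entries copied unmodified from the fix list in the post above (a subset).
FIX_LIST = r"""
R3 - URLSearchHook: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\prxtbBit0.dll
O3 - Toolbar: IObit Toolbar - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Program Files\IObit Toolbar\IE\4.6\iobitToolbarIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
"""

# R3/O2/O3 lines: "<code> - <kind>: <name> - {CLSID} - <dll path>"
HOOK = re.compile(
    r"^(?P<code>R3|O2|O3) - (?P<kind>URLSearchHook|BHO|Toolbar): (?P<name>.*?)"
    r" - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
# O4 lines: "O4 - <hive>\..\<key>: [<value name>] <command line>"
RUN = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): \[(?P<value>.+?)\] (?P<cmd>.+)$")
# Unquoted command: the program ends at the first executable extension.
EXE = re.compile(r"(?i)^(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)\s*(.*)$")


def split_command(cmd):
    """Split autorun data into (program, arguments), quoted or unquoted."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end != -1:
            return cmd[1:end], cmd[end + 1:].strip()
    m = EXE.match(cmd)
    return (m.group(1), m.group(2)) if m else (cmd, "")


def parse(text):
    """Return (hooks, autoruns, unparsed) for a block of HijackThis lines."""
    hooks, autoruns, unparsed = [], [], []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = HOOK.match(line)
        if m:
            hooks.append({"kind": m["kind"], "name": m["name"], "path": m["path"],
                          "clsid": m["clsid"].upper(), "line": line})
            continue
        m = RUN.match(line)
        if m:
            program, args = split_command(m["cmd"])
            autoruns.append({"hive": m["hive"], "key": m["key"], "value": m["value"],
                             "program": program, "args": args, "line": line})
            continue
        unparsed.append(line)
    return hooks, autoruns, unparsed


def group_by_clsid(hooks):
    """Map each CLSID to the hook points, display names and DLLs that use it."""
    groups = defaultdict(lambda: {"kinds": set(), "names": set(), "paths": set()})
    for h in hooks:
        g = groups[h["clsid"]]
        g["kinds"].add(h["kind"])
        g["names"].add(h["name"])
        g["paths"].add(h["path"])
    return dict(groups)


def partially_selected(hooks, checked_lines):
    """Return {clsid: [hook kinds left unticked]} for components where some,
    but not all, of their entries are in the ticked selection."""
    checked = {l.strip() for l in checked_lines}
    by_clsid = defaultdict(list)
    for h in hooks:
        by_clsid[h["clsid"]].append(h)
    result = {}
    for clsid, entries in by_clsid.items():
        missed = [e["kind"] for e in entries if e["line"] not in checked]
        if missed and len(missed) < len(entries):
            result[clsid] = sorted(missed)
    return result


if __name__ == "__main__":
    hooks, autoruns, unparsed = parse(FIX_LIST)
    for clsid, g in sorted(group_by_clsid(hooks).items()):
        print(clsid, sorted(g["kinds"]), sorted(g["paths"]))
    for a in autoruns:
        print(a["hive"], a["value"], "->", a["program"], a["args"])
    # Constructed selection: everything ticked except one Toolbar entry.
    ticked = [h["line"] for h in hooks
              if not h["line"].startswith("O3 - Toolbar: BitTorrentBar")]
    print("partially selected:", partially_selected(hooks, ticked))
```
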

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#3 Post by abdul99 »

Malwarebytes' Anti-Malware 1.50
http://www.malwarebytes.org

Verze databáze: 7968

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

17.10.2011 22:43:07
mbam-log-2011-10-17 (22-43-02).txt

Typ kontroly: Rychlý test
Testované objekty: 161070
Uplynulý čas: 2 minut, 29 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 1
Infikované klíče v registru: 0
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.




What do you advise next??

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#4 Post by Roli »

Have everything Mbam found deleted.


Now we will use a bigger caliber, so read carefully, because this little tool does not tolerate mistakes.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

Then a window with the license terms appears, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes around 10 minutes but may take longer; during the scan, do not try to run anything else.

The PC may also be restarted during the scan; do not be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete the infected files and these programs can prevent it from doing so.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


In case anything is unclear, there is an illustrated guide HERE.


P.S. If I am no longer here today, be patient and we will continue tomorrow, don't worry :)

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#5 Post by abdul99 »

I did everything and here is the log

ComboFix 11-10-17.02 - Uživatel 17.10.2011 23:34:43.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1788.1269 [GMT 2:00]
Spuštěný z: c:\documents and settings\U×ivatel\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\UNWISE.EXE
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-17 do 2011-10-17 )))))))))))))))))))))))))))))))
.
.
2011-10-17 20:38 . 2011-10-17 20:38 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2011-10-17 20:38 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-17 20:37 . 2011-10-17 20:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-17 20:37 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-17 20:08 . 2011-10-17 20:34 -------- d-----w- c:\program files\trend micro
2011-10-17 20:08 . 2011-10-17 20:09 -------- d-----w- C:\rsit
2011-10-16 13:39 . 2011-10-17 18:19 -------- d-----w- c:\program files\Serif Standa
2011-10-15 18:56 . 2011-10-15 18:56 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\DivX
2011-10-15 18:54 . 2005-09-23 20:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2011-10-15 18:54 . 2011-10-15 18:54 -------- d-----w- c:\program files\Common Files\Pinnacle
2011-10-15 18:54 . 2011-10-15 18:54 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Downloaded Installations
2011-10-15 18:54 . 2011-10-15 19:32 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Pinnacle
2011-10-15 18:53 . 2011-10-15 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-10-15 18:48 . 2011-10-15 18:48 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2011-10-15 18:48 . 2011-10-15 18:48 -------- d-----w- c:\program files\Common Files\Yahoo!
2011-10-15 18:44 . 2011-10-15 18:48 -------- d-----w- c:\program files\Pinnacle
2011-10-15 10:04 . 2011-10-15 10:04 -------- d-----w- c:\program files\TerraTec
2011-10-15 08:55 . 2004-07-20 07:15 146109 ----a-r- c:\windows\system32\cpnotify.ax
2011-10-15 08:55 . 2005-04-27 07:26 1548800 ----a-r- c:\windows\system32\drivers\p2usbwdm.sys
2011-10-15 08:37 . 2005-06-10 02:44 81920 ------r- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2011-10-15 08:37 . 2005-06-10 02:44 618496 ------r- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2011-10-15 08:37 . 2005-06-10 02:44 368640 ------r- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2011-10-15 08:37 . 2005-06-10 02:44 278528 ------r- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2011-10-15 08:36 . 2002-11-21 08:57 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2011-10-15 08:36 . 2002-11-21 08:57 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2011-10-15 08:36 . 2002-11-21 08:57 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2011-10-15 08:36 . 2002-11-21 08:57 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2011-10-15 08:36 . 2002-11-21 08:57 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2011-10-15 08:36 . 2002-11-21 08:57 20480 ----a-w- c:\windows\system32\IVIresize.dll
2011-10-15 08:36 . 2011-10-15 08:36 -------- d-----w- c:\windows\system32\windows media
2011-10-15 08:35 . 2011-10-15 08:36 -------- d--h--w- c:\windows\msdownld.tmp
2011-10-15 08:35 . 2011-10-15 08:35 -------- d-----w- c:\program files\Windows Media Components
2011-10-15 08:29 . 2011-10-17 18:20 -------- d-----w- c:\program files\Common Files\Ulead Systems
2011-10-09 20:14 . 2011-10-09 20:14 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BlamGames
2011-10-09 20:13 . 2011-10-09 20:14 -------- d-----w- c:\program files\Auta snu
2011-10-07 20:08 . 2011-10-07 20:08 -------- d-----w- c:\program files\MotoRacer
2011-10-07 19:40 . 2011-10-07 19:40 -------- d-----w- c:\program files\Electronic Arts
2011-10-07 19:40 . 1996-11-05 14:13 299008 ----a-w- c:\windows\uninst.exe
2011-10-07 19:40 . 2011-10-07 19:40 -------- d-----w- c:\documents and settings\Uživatel\WINDOWS
2011-10-06 18:25 . 2011-10-17 17:27 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\PriceGong
2011-10-03 17:58 . 2011-10-17 18:54 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Research In Motion
2011-10-03 15:23 . 2009-01-09 14:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2011-10-03 15:08 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-10-03 15:07 . 2011-10-03 15:07 53248 ----a-r- c:\documents and settings\Uživatel\Data aplikací\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
2011-10-03 15:07 . 2011-10-17 18:52 -------- d-----w- c:\program files\Common Files\Research In Motion
2011-09-29 19:20 . 2011-09-29 19:20 -------- d-----w- c:\program files\Speccy
2011-09-29 16:01 . 2011-09-29 16:23 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\GARMIN
2011-09-29 16:00 . 2011-09-29 16:12 -------- d-----w- C:\Garmin
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Search Settings
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\program files\IObit Toolbar
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\program files\Application Updater
2011-09-21 16:54 . 2011-09-21 16:54 -------- d-----w- c:\program files\Core Temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 16:29 . 2011-08-07 05:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2008-07-29 18:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-04-14 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-04-14 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-02-27 12:56 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-02-27 12:56 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-02-27 12:56 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-02-27 12:56 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-02-27 12:56 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-02-27 12:56 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-02-27 12:56 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-02-27 12:56 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-02-27 12:56 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-02-27 12:56 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 14:10 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2011-08-19 14:33 . 2011-09-08 20:32 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-08-17 13:49 . 2008-04-14 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2006-09-02 08:45 . 2010-09-22 20:37 159744 ----a-w- c:\program files\Trayer.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Core Temp"="c:\program files\Core Temp\Core Temp.exe" [2011-09-01 722384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2010-03-31 64048]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-4-12 636256]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2009-04-21 19:01 737280 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VMware\\VMware Player\\vmware-authd.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Codemasters\\MTV Music Generator\\client.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8777:TCP"= 8777:TCP:BitComet 8777 TCP
"8777:UDP"= 8777:UDP:BitComet 8777 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8.9.2011 22:32 14776]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [26.6.2011 16:19 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [26.6.2011 16:19 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.2.2011 14:56 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.2.2011 14:56 320856]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [17.8.2011 13:00 402328]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.2.2011 14:56 20568]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [31.3.2010 23:32 54960]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [22.9.2010 19:40 113664]
R3 ALSysIO;ALSysIO;\??\c:\docume~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys [?]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [9.11.2010 17:05 47360]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [16.9.2010 14:25 30392]
S1 MpKsl2cb7c89a;MpKsl2cb7c89a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsl2cb7c89a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsl2cb7c89a.sys [?]
S1 MpKsla0ed4c17;MpKsla0ed4c17;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsla0ed4c17.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsla0ed4c17.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9.4.2011 13:23 136176]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9.4.2011 13:23 136176]
S3 iComp;Python2 USB WDM Encoder;c:\windows\system32\drivers\p2usbwdm.sys [15.10.2011 10:55 1548800]
S3 MSICDSetup;MSICDSetup;\??\e:\cdriver.sys --> e:\CDriver.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-09 11:23]
.
2011-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-09 11:23]
.
2011-10-17 c:\windows\Tasks\User_Feed_Synchronization-{9D3722B8-9C39-44F8-8D83-E5790B933727}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 192.168.15.1
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - SluneÄŤnice
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Live HTTP Headers: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} - %profile%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF - Ext: ComplitlyEngine - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-DVD and CD Cover Print - c:\windows\system32\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-17 23:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-448539723-1647877149-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0AA451B8-E300-12A4-F482-805EBE7E96D1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nabfmepphkdjfggmbadjeomgaedb"=hex:6a,61,65,65,61,70,64,6c,6c,6c,65,65,68,69,
69,62,69,6f,6f,6e,00,f7
"mahenkinkpbjjngpejffimjncc"=hex:6b,61,66,65,65,6e,67,6c,6c,62,61,6a,6c,62,6d,
6c,69,68,6c,69,62,67,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1204)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1260)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
Celkový čas: 2011-10-17 23:44:19
ComboFix-quarantined-files.txt 2011-10-17 21:44
.
Před spuštěním: Volných bajtů: 33 385 869 312
Po spuštění: Volných bajtů: 33 499 557 888
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 3746A5817A5B64F8A6343216FC56470E

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#6 Post by Roli »

If you haven't done so already, move ComboFix to the desktop

open Notepad

copy the script from the following box into it:

Code:

Folder::
c:\documents and settings\Uživatel\Data aplikací\Search Settings
c:\program files\IObit Toolbar
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware

Driver::
MpKsl2cb7c89a
MpKsla0ed4c17

FireFox::
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:

[image]

Once it has been applied, another log will pop out for you; copy it here

Warning: after the script has been applied and the machine restarted, Windows may fail to start;

in that case restart again while pressing F8, then choose Last Known Good Configuration

| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#7 Post by abdul99 »

So, done, and since yesterday that message no longer shows up in the window. Here is the new log:

ComboFix 11-10-17.02 - Uživatel 18.10.2011 20:25:15.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1788.1190 [GMT 2:00]
Spuštěný z: c:\documents and settings\U×ivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\U×ivatel\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-18 do 2011-10-18 )))))))))))))))))))))))))))))))
.
.
2011-10-18 13:36 . 2011-10-18 13:36 -------- d-----w- c:\program files\Womble Multimedia
2011-10-17 20:38 . 2011-10-17 20:38 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2011-10-17 20:38 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-17 20:37 . 2011-10-17 20:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-17 20:37 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-17 20:08 . 2011-10-17 20:34 -------- d-----w- c:\program files\trend micro
2011-10-17 20:08 . 2011-10-17 20:09 -------- d-----w- C:\rsit
2011-10-16 13:39 . 2011-10-17 18:19 -------- d-----w- c:\program files\Serif Standa
2011-10-15 18:56 . 2011-10-15 18:56 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\DivX
2011-10-15 18:54 . 2005-09-23 20:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2011-10-15 18:54 . 2011-10-15 18:54 -------- d-----w- c:\program files\Common Files\Pinnacle
2011-10-15 18:54 . 2011-10-15 18:54 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Downloaded Installations
2011-10-15 18:54 . 2011-10-15 19:32 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Pinnacle
2011-10-15 18:53 . 2011-10-15 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-10-15 18:48 . 2011-10-15 18:48 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2011-10-15 18:48 . 2011-10-15 18:48 -------- d-----w- c:\program files\Common Files\Yahoo!
2011-10-15 18:44 . 2011-10-15 18:48 -------- d-----w- c:\program files\Pinnacle
2011-10-15 10:04 . 2011-10-15 10:04 -------- d-----w- c:\program files\TerraTec
2011-10-15 08:55 . 2004-07-20 07:15 146109 ----a-r- c:\windows\system32\cpnotify.ax
2011-10-15 08:55 . 2005-04-27 07:26 1548800 ----a-r- c:\windows\system32\drivers\p2usbwdm.sys
2011-10-15 08:37 . 2005-06-10 02:44 81920 ------r- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2011-10-15 08:37 . 2005-06-10 02:44 618496 ------r- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2011-10-15 08:37 . 2005-06-10 02:44 368640 ------r- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2011-10-15 08:37 . 2005-06-10 02:44 278528 ------r- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2011-10-15 08:36 . 2002-11-21 08:57 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2011-10-15 08:36 . 2002-11-21 08:57 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2011-10-15 08:36 . 2002-11-21 08:57 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2011-10-15 08:36 . 2002-11-21 08:57 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2011-10-15 08:36 . 2002-11-21 08:57 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2011-10-15 08:36 . 2002-11-21 08:57 20480 ----a-w- c:\windows\system32\IVIresize.dll
2011-10-15 08:36 . 2011-10-15 08:36 -------- d-----w- c:\windows\system32\windows media
2011-10-15 08:35 . 2011-10-15 08:36 -------- d--h--w- c:\windows\msdownld.tmp
2011-10-15 08:35 . 2011-10-15 08:35 -------- d-----w- c:\program files\Windows Media Components
2011-10-15 08:29 . 2011-10-17 18:20 -------- d-----w- c:\program files\Common Files\Ulead Systems
2011-10-09 20:14 . 2011-10-09 20:14 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BlamGames
2011-10-09 20:13 . 2011-10-09 20:14 -------- d-----w- c:\program files\Auta snu
2011-10-07 20:08 . 2011-10-07 20:08 -------- d-----w- c:\program files\MotoRacer
2011-10-07 19:40 . 2011-10-07 19:40 -------- d-----w- c:\program files\Electronic Arts
2011-10-07 19:40 . 1996-11-05 14:13 299008 ----a-w- c:\windows\uninst.exe
2011-10-07 19:40 . 2011-10-07 19:40 -------- d-----w- c:\documents and settings\Uživatel\WINDOWS
2011-10-06 18:25 . 2011-10-17 17:27 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\PriceGong
2011-10-03 17:58 . 2011-10-17 18:54 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Research In Motion
2011-10-03 15:23 . 2009-01-09 14:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2011-10-03 15:08 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-10-03 15:07 . 2011-10-03 15:07 53248 ----a-r- c:\documents and settings\Uživatel\Data aplikací\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
2011-10-03 15:07 . 2011-10-17 18:52 -------- d-----w- c:\program files\Common Files\Research In Motion
2011-09-29 19:20 . 2011-09-29 19:20 -------- d-----w- c:\program files\Speccy
2011-09-29 16:01 . 2011-09-29 16:23 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\GARMIN
2011-09-29 16:00 . 2011-09-29 16:12 -------- d-----w- C:\Garmin
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Search Settings
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\program files\IObit Toolbar
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\program files\Application Updater
2011-09-21 16:54 . 2011-09-21 16:54 -------- d-----w- c:\program files\Core Temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 16:29 . 2011-08-07 05:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2008-07-29 18:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-04-14 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-04-14 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-02-27 12:56 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-02-27 12:56 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-02-27 12:56 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-02-27 12:56 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-02-27 12:56 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-02-27 12:56 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-02-27 12:56 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-02-27 12:56 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-02-27 12:56 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-02-27 12:56 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 14:10 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2011-08-19 14:33 . 2011-09-08 20:32 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-08-17 13:49 . 2008-04-14 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2006-09-02 08:45 . 2010-09-22 20:37 159744 ----a-w- c:\program files\Trayer.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-17_21.41.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-18 18:18 . 2011-10-18 18:18 16384 c:\windows\Temp\Perflib_Perfdata_c20.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 69304 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 69304 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 79932 c:\windows\system32\perfc005.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 79932 c:\windows\system32\perfc005.dat
+ 2011-10-18 01:02 . 2011-10-18 01:02 22016 c:\windows\Installer\caff9e.msi
- 2008-04-14 12:00 . 2011-10-17 21:25 435822 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 435822 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 432450 c:\windows\system32\perfh005.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 432450 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Core Temp"="c:\program files\Core Temp\Core Temp.exe" [2011-09-01 722384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2010-03-31 64048]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-4-12 636256]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2009-04-21 19:01 737280 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VMware\\VMware Player\\vmware-authd.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Codemasters\\MTV Music Generator\\client.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8777:TCP"= 8777:TCP:BitComet 8777 TCP
"8777:UDP"= 8777:UDP:BitComet 8777 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8.9.2011 22:32 14776]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [26.6.2011 16:19 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [26.6.2011 16:19 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.2.2011 14:56 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.2.2011 14:56 320856]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [17.8.2011 13:00 402328]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.2.2011 14:56 20568]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [31.3.2010 23:32 54960]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [22.9.2010 19:40 113664]
R3 ALSysIO;ALSysIO;\??\c:\docume~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys [?]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [9.11.2010 17:05 47360]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [16.9.2010 14:25 30392]
S1 MpKsl2cb7c89a;MpKsl2cb7c89a;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsl2cb7c89a.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsl2cb7c89a.sys [?]
S1 MpKsla0ed4c17;MpKsla0ed4c17;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsla0ed4c17.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{FA6EB2CB-2F5A-4F0B-8D18-5364288DE162}\MpKsla0ed4c17.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9.4.2011 13:23 136176]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9.4.2011 13:23 136176]
S3 iComp;Python2 USB WDM Encoder;c:\windows\system32\drivers\p2usbwdm.sys [15.10.2011 10:55 1548800]
S3 MSICDSetup;MSICDSetup;\??\e:\cdriver.sys --> e:\CDriver.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-09 11:23]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-09 11:23]
.
2011-10-18 c:\windows\Tasks\User_Feed_Synchronization-{9D3722B8-9C39-44F8-8D83-E5790B933727}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 192.168.15.1
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - SluneÄŤnice
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Live HTTP Headers: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} - %profile%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF - Ext: ComplitlyEngine - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-18 20:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-448539723-1647877149-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0AA451B8-E300-12A4-F482-805EBE7E96D1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nabfmepphkdjfggmbadjeomgaedb"=hex:6a,61,65,65,61,70,64,6c,6c,6c,65,65,68,69,
69,62,69,6f,6f,6e,00,f7
"mahenkinkpbjjngpejffimjncc"=hex:6b,61,66,65,65,6e,67,6c,6c,62,61,6a,6c,62,6d,
6c,69,68,6c,69,62,67,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1200)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1256)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(3704)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\system32\msi.dll
c:\windows\system32\btmmhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-10-18 20:35:27
ComboFix-quarantined-files.txt 2011-10-18 18:35
ComboFix2.txt 2011-10-17 21:44
.
Před spuštěním: Volných bajtů: 33 405 472 768
Po spuštění: Volných bajtů: 33 389 285 376
.
- - End Of File - - D186438C0BCB298DB24D8269C6B650F6

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#8 Post by Roli »

abdul99 wrote: So, done, and since yesterday that message no longer shows up in the window

That's nice, but what was supposed to be deleted did not get deleted.

So one more try, but this time a little differently.

Move ComboFix and the script to Local Disk C and perform the action

[image]

once more, as admin of course, and post the log here for me again.

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#9 Post by abdul99 »

Done. Here is the log:

ComboFix 11-10-18.04 - Uživatel 18.10.2011 23:08:18.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1788.1302 [GMT 2:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit Toolbar
c:\program files\IObit Toolbar\FF\chrome.manifest
c:\program files\IObit Toolbar\FF\chrome\content\chevron.js
c:\program files\IObit Toolbar\FF\chrome\content\chevron.xul
c:\program files\IObit Toolbar\FF\chrome\content\login.js
c:\program files\IObit Toolbar\FF\chrome\content\login.xul
c:\program files\IObit Toolbar\FF\chrome\content\parser.js
c:\program files\IObit Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\IObit Toolbar\FF\chrome\content\searchbox.js
c:\program files\IObit Toolbar\FF\chrome\content\searchbox.xul
c:\program files\IObit Toolbar\FF\chrome\content\utils.js
c:\program files\IObit Toolbar\FF\chrome\content\widgicomm.js
c:\program files\IObit Toolbar\FF\chrome\content\widgihandling.js
c:\program files\IObit Toolbar\FF\chrome\content\widgichevron.js
c:\program files\IObit Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\IObit Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\IObit Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\IObit Toolbar\FF\chrome\content\widgiui.js
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\IObit Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\IObit Toolbar\FF\chrome\skin\amazon.gif
c:\program files\IObit Toolbar\FF\chrome\skin\ebay.gif
c:\program files\IObit Toolbar\FF\chrome\skin\chevron.gif
c:\program files\IObit Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\IObit Toolbar\FF\chrome\skin\iobit_logo.gif
c:\program files\IObit Toolbar\FF\chrome\skin\iobit_logo_hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-button.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\IObit Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\IObit Toolbar\FF\chrome\skin\searchbox.css
c:\program files\IObit Toolbar\FF\chrome\skin\security.gif
c:\program files\IObit Toolbar\FF\chrome\skin\splitter.gif
c:\program files\IObit Toolbar\FF\chrome\skin\system.gif
c:\program files\IObit Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\IObit Toolbar\FF\install.rdf
c:\program files\IObit Toolbar\IE\4.6\config.ini
c:\program files\IObit Toolbar\Res\amazon.gif
c:\program files\IObit Toolbar\Res\ebay.gif
c:\program files\IObit Toolbar\Res\icon_settings.gif
c:\program files\IObit Toolbar\Res\iobit_logo.gif
c:\program files\IObit Toolbar\Res\iobit_logo_hover.gif
c:\program files\IObit Toolbar\Res\search-button-hover.gif
c:\program files\IObit Toolbar\Res\search-button.gif
c:\program files\IObit Toolbar\Res\search-chevron-hover.gif
c:\program files\IObit Toolbar\Res\search-chevron.gif
c:\program files\IObit Toolbar\Res\search_amazon.gif
c:\program files\IObit Toolbar\Res\search_ebay.gif
c:\program files\IObit Toolbar\Res\search_yahoo.gif
c:\program files\IObit Toolbar\Res\security.gif
c:\program files\IObit Toolbar\Res\system.gif
c:\program files\IObit Toolbar\Res\widgets.xml
c:\program files\IObit Toolbar\WidgiHelper.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_MpKsl2cb7c89a
-------\Service_MpKsla0ed4c17
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-18 do 2011-10-18 )))))))))))))))))))))))))))))))
.
.
2011-10-18 13:36 . 2011-10-18 13:36 -------- d-----w- c:\program files\Womble Multimedia
2011-10-17 20:38 . 2011-10-17 20:38 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Malwarebytes
2011-10-17 20:38 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-10-17 20:37 . 2011-10-17 20:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-17 20:37 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-17 20:08 . 2011-10-17 20:34 -------- d-----w- c:\program files\trend micro
2011-10-17 20:08 . 2011-10-17 20:09 -------- d-----w- C:\rsit
2011-10-16 13:39 . 2011-10-17 18:19 -------- d-----w- c:\program files\Serif Standa
2011-10-15 18:56 . 2011-10-15 18:56 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\DivX
2011-10-15 18:54 . 2005-09-23 20:18 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys
2011-10-15 18:54 . 2011-10-15 18:54 -------- d-----w- c:\program files\Common Files\Pinnacle
2011-10-15 18:54 . 2011-10-15 18:54 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Downloaded Installations
2011-10-15 18:54 . 2011-10-15 19:32 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Pinnacle
2011-10-15 18:53 . 2011-10-15 18:56 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2011-10-15 18:48 . 2011-10-15 18:48 -------- d-----w- c:\program files\Common Files\Pegasus Imaging
2011-10-15 18:48 . 2011-10-15 18:48 -------- d-----w- c:\program files\Common Files\Yahoo!
2011-10-15 18:44 . 2011-10-15 18:48 -------- d-----w- c:\program files\Pinnacle
2011-10-15 10:04 . 2011-10-15 10:04 -------- d-----w- c:\program files\TerraTec
2011-10-15 08:55 . 2004-07-20 07:15 146109 ----a-r- c:\windows\system32\cpnotify.ax
2011-10-15 08:55 . 2005-04-27 07:26 1548800 ----a-r- c:\windows\system32\drivers\p2usbwdm.sys
2011-10-15 08:37 . 2005-06-10 02:44 81920 ------r- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
2011-10-15 08:37 . 2005-06-10 02:44 618496 ------r- c:\program files\Common Files\InstallShield\UpdateService\agent.exe
2011-10-15 08:37 . 2005-06-10 02:44 368640 ------r- c:\program files\Common Files\InstallShield\UpdateService\_isusres.dll
2011-10-15 08:37 . 2005-06-10 02:44 278528 ------r- c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
2011-10-15 08:36 . 2002-11-21 08:57 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2011-10-15 08:36 . 2002-11-21 08:57 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2011-10-15 08:36 . 2002-11-21 08:57 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2011-10-15 08:36 . 2002-11-21 08:57 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2011-10-15 08:36 . 2002-11-21 08:57 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2011-10-15 08:36 . 2002-11-21 08:57 20480 ----a-w- c:\windows\system32\IVIresize.dll
2011-10-15 08:36 . 2011-10-15 08:36 -------- d-----w- c:\windows\system32\windows media
2011-10-15 08:35 . 2011-10-15 08:36 -------- d--h--w- c:\windows\msdownld.tmp
2011-10-15 08:35 . 2011-10-15 08:35 -------- d-----w- c:\program files\Windows Media Components
2011-10-15 08:29 . 2011-10-17 18:20 -------- d-----w- c:\program files\Common Files\Ulead Systems
2011-10-09 20:14 . 2011-10-09 20:14 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\BlamGames
2011-10-09 20:13 . 2011-10-09 20:14 -------- d-----w- c:\program files\Auta snu
2011-10-07 20:08 . 2011-10-07 20:08 -------- d-----w- c:\program files\MotoRacer
2011-10-07 19:40 . 2011-10-07 19:40 -------- d-----w- c:\program files\Electronic Arts
2011-10-07 19:40 . 1996-11-05 14:13 299008 ----a-w- c:\windows\uninst.exe
2011-10-07 19:40 . 2011-10-07 19:40 -------- d-----w- c:\documents and settings\Uživatel\WINDOWS
2011-10-06 18:25 . 2011-10-17 17:27 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\PriceGong
2011-10-03 17:58 . 2011-10-17 18:54 -------- d-----w- c:\documents and settings\Uživatel\Local Settings\Data aplikací\Research In Motion
2011-10-03 15:23 . 2009-01-09 14:18 27136 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2011-10-03 15:08 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-10-03 15:07 . 2011-10-03 15:07 53248 ----a-r- c:\documents and settings\Uživatel\Data aplikací\Microsoft\Installer\{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}\ARPPRODUCTICON.exe
2011-10-03 15:07 . 2011-10-17 18:52 -------- d-----w- c:\program files\Common Files\Research In Motion
2011-09-29 19:20 . 2011-09-29 19:20 -------- d-----w- c:\program files\Speccy
2011-09-29 16:01 . 2011-09-29 16:23 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\GARMIN
2011-09-29 16:00 . 2011-09-29 16:12 -------- d-----w- C:\Garmin
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\documents and settings\Uživatel\Data aplikací\Search Settings
2011-09-29 11:57 . 2011-09-29 11:57 -------- d-----w- c:\program files\Application Updater
2011-09-21 16:54 . 2011-09-21 16:54 -------- d-----w- c:\program files\Core Temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 16:29 . 2011-08-07 05:34 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2008-07-29 18:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-04-14 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-04-14 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-02-27 12:56 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-02-27 12:56 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-02-27 12:56 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-02-27 12:56 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-02-27 12:56 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-02-27 12:56 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-02-27 12:56 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-02-27 12:56 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-02-27 12:56 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-02-27 12:56 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 14:10 . 2008-04-14 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-08-22 23:41 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-08-22 11:56 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2011-08-19 14:33 . 2011-09-08 20:32 25944 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-08-17 13:49 . 2008-04-14 12:00 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2006-09-02 08:45 . 2010-09-22 20:37 159744 ----a-w- c:\program files\Trayer.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-17_21.41.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-18 18:18 . 2011-10-18 18:18 16384 c:\windows\Temp\Perflib_Perfdata_c20.dat
+ 2011-10-18 21:17 . 2011-10-18 21:17 16384 c:\windows\Temp\Perflib_Perfdata_310.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 69304 c:\windows\system32\perfc009.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 69304 c:\windows\system32\perfc009.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 79932 c:\windows\system32\perfc005.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 79932 c:\windows\system32\perfc005.dat
+ 2011-10-18 01:02 . 2011-10-18 01:02 22016 c:\windows\Installer\caff9e.msi
+ 2008-04-14 12:00 . 2011-10-18 18:22 435822 c:\windows\system32\perfh009.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 435822 c:\windows\system32\perfh009.dat
+ 2008-04-14 12:00 . 2011-10-18 18:22 432450 c:\windows\system32\perfh005.dat
- 2008-04-14 12:00 . 2011-10-17 21:25 432450 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Core Temp"="c:\program files\Core Temp\Core Temp.exe" [2011-09-01 722384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMware hqtray"="c:\program files\VMware\VMware Player\hqtray.exe" [2010-03-31 64048]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"Family Tree Builder Update"="c:\program files\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-06-21 225280]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-4-12 636256]
.
c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\
Trayer.lnk - c:\program files\Trayer.exe [2010-9-22 159744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AESTFltr]
2009-04-21 19:01 737280 ----a-w- c:\windows\system32\AESTFltr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VMware\\VMware Player\\vmware-authd.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Codemasters\\MTV Music Generator\\client.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 14\\Programs\\umi.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8777:TCP"= 8777:TCP:BitComet 8777 TCP
"8777:UDP"= 8777:UDP:BitComet 8777 UDP
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [8.9.2011 22:32 14776]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [26.6.2011 16:19 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [26.6.2011 16:19 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [27.2.2011 14:56 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.2.2011 14:56 320856]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [17.8.2011 13:00 402328]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.2.2011 14:56 20568]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [27.8.2009 18:09 1253376]
R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [31.3.2010 23:32 54960]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [22.9.2010 19:40 113664]
R3 ALSysIO;ALSysIO;\??\c:\docume~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\ALSysIO.sys [?]
R3 iComp;Python2 USB WDM Encoder;c:\windows\system32\drivers\p2usbwdm.sys [15.10.2011 10:55 1548800]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [9.11.2010 17:05 47360]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [16.9.2010 14:25 30392]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9.4.2011 13:23 136176]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [7.8.2008 12:10 3276800]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [9.4.2011 13:23 136176]
S3 MSICDSetup;MSICDSetup;\??\e:\cdriver.sys --> e:\CDriver.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 14:00 14336]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-09 11:23]
.
2011-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-09 11:23]
.
2011-10-18 c:\windows\Tasks\User_Feed_Synchronization-{9D3722B8-9C39-44F8-8D83-E5790B933727}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
LSP: c:\program files\VMware\VMware Player\vsocklib.dll
TCP: DhcpNameServer = 192.168.15.1
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2hx07fx5.default\
FF - prefs.js: browser.search.selectedEngine - Slunečnice
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=382950&p=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Live HTTP Headers: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} - %profile%\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
FF - Ext: ComplitlyEngine - Speed up your search with your personal search suggestions tool: {33e0daa6-3af3-d8b5-6752-10e949c61516} - %profile%\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BitTorrentBar Community Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - %profile%\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-18 23:17
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-448539723-1647877149-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0AA451B8-E300-12A4-F482-805EBE7E96D1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"nabfmepphkdjfggmbadjeomgaedb"=hex:6a,61,65,65,61,70,64,6c,6c,6c,65,65,68,69,
69,62,69,6f,6f,6e,00,f7
"mahenkinkpbjjngpejffimjncc"=hex:6b,61,66,65,65,6e,67,6c,6c,62,61,6a,6c,62,6d,
6c,69,68,6c,69,62,67,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1208)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1264)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(3264)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\system32\msi.dll
c:\windows\system32\btmmhook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\idt\wdm\STacSV.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\vmnat.exe
c:\windows\system32\vmnetdhcp.exe
c:\program files\VMware\VMware Player\vmware-authd.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wscntfy.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Celkový čas: 2011-10-18 23:21:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-18 21:21
ComboFix2.txt 2011-10-18 18:35
ComboFix3.txt 2011-10-17 21:44
.
Před spuštěním: Volných bajtů: 33 393 213 440
Po spuštění: Volných bajtů: 33 177 165 824
.
- - End Of File - - C6762D860A901DCCBF26352523E139AE

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#10 Post by Roli »

That's better now, but Microsoft Security Essentials is still stuck in there somewhere.

So let me ask: do you dare go into the registry?
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#11 Post by abdul99 »

That's all Greek to me.. how do I do it?

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#12 Post by Roli »

Ah, then we'd better do it another way :wink:

Go to Start >> Run >> and copy into the box: net stop msmpsvc >> Enter.

Then do the same once more, but with this command: sc config msmpsvc start= disabled


Next, download SystemLook

Run the application and copy the following into the window that opens:

:regfind
Microsoft Security Essentials
Microsoft Antimalware
Then click Look; the application will create SystemLook.txt. Copy its contents here for me.


It may take a while, so I'll take a look at it tomorrow (actually today already :shock: ) evening.

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#13 Post by abdul99 »

SystemLook 30.07.11 by jpshortstuff
Log created at 15:34 on 19/10/2011 by Uživatel
Administrator - Elevation successful

========== regfind ==========

Searching for "Microsoft Security Essentials"
[HKEY_CURRENT_USER\Software\WinRAR\VirusScan]
"Name"="C:\Program Files\Microsoft Security Essentials\msseces.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Microsoft Security Essentials\"=""
[HKEY_USERS\S-1-5-21-448539723-1647877149-1801674531-1004\Software\WinRAR\VirusScan]
"Name"="C:\Program Files\Microsoft Security Essentials\msseces.exe"

Searching for "Microsoft Antimalware"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Quarantine\"="1"

-= EOF =-

abdul99
Visitor
Posts: 277
Registered: 17 Oct 2011 20:49

Re: HELP PLEASE

#14 Post by abdul99 »

What next?

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: HELP PLEASE

#15 Post by Roli »

So once more, again from Local Disk C, with this script:

Folder::
C:\Program Files\Microsoft Security Essentials
C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware

Registry:: 
[HKEY_CURRENT_USER\Software\WinRAR\VirusScan]
"Name"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\Microsoft Security Essentials"=-
[HKEY_USERS\S-1-5-21-448539723-1647877149-1801674531-1004\Software\WinRAR\VirusScan]
"Name"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Quarantine"=-


Then post the log here again.