Please check my log (possibly wormBlaster?)

#1 Post by JAR »

PLEASE HELP! After startup this message appears:
System is shutting down. Save... etc. The shutdown was initiated by NT AUTHORITY\SYSTEM
Time before shutdown: 59 sec
Message
System process
C:\WINDOWS\system32\Isass.exe terminated unexpectedly with status code -1073741819. The system will now shut down and restart.

Log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by at 2012-04-30 18:05:06
WIN_XP Service Pack 3
System drive C: has 6 GB (1%) free of 410 GB
Total RAM: 3327 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:05:10, on 30.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\Zrychleni Pocitace\PCSUService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\explorer.exe
C:\Downloads\RSIT(1).exe
C:\Program Files\trend micro\.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1606980848-2049760794-725345543-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GSService - Unknown owner - C:\WINDOWS\system32\GSService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\WINDOWS\system32\mfevtps.exe (file missing)
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 10235 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Auslogics BoostSpeed Integrator Start On JF Logon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-2049760794-725345543-1004.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-19 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-16 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29 3844768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-16 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2010-03-05 411864]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-10-19 273528]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2011-04-30 1239312]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutorunRemover.exe]
C:\Program Files\AutorunRemover\AutorunRemover.exe [2009-10-21 1360896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2010-03-05 411864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-06-22 418672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-06-22 202608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KalkulackaDph]
C:\Program Files\Kalkulacka DPH\KalkulackaDph.exe [2010-01-17 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MWLTSR]
C:\Program Files\EgisTec MyWinLocker\MWLTSR.exe [2011-07-22 126320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2011-12-06 187616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-10-19 273528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-31 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Documents and Settings\JF\Local Settings\Data aplikací\Super Internet TV\Super Internet TV.exe"="C:\Documents and Settings\JF\Local Settings\Data aplikací\Super Internet TV\Super Internet TV.exe:*:Enabled:Super Internet TV"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\RipTiger\RipTiger.exe"="C:\Program Files\RipTiger\RipTiger.exe:*:Enabled:RipTiger"
"C:\Program Files\RipTiger\HTTPDownloaderApp.exe"="C:\Program Files\RipTiger\HTTPDownloaderApp.exe:*:Enabled:RipTiger HTTP Downloader"
"C:\Program Files\RipTiger\RTMPDownloaderApp.exe"="C:\Program Files\RipTiger\RTMPDownloaderApp.exe:*:Enabled:RipTiger RTMP Downloader"
"C:\Program Files\RipTiger\VideoDownloadApp_RTMP.exe"="C:\Program Files\RipTiger\VideoDownloadApp_RTMP.exe:*:Enabled:RipTiger RTMP Download Agent"
"C:\Program Files\RipTiger\MMSDownloaderApp.exe"="C:\Program Files\RipTiger\MMSDownloaderApp.exe:*:Enabled:RipTiger MMS/RTSP Downloader"
"C:\Downloads\MlcCamServer\MlcCamServer.exe"="C:\Downloads\MlcCamServer\MlcCamServer.exe:*:Enabled:MlcCamClient"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm

======List of files/folders created in the last 1 month======

2012-05-02 17:08:03 ----D---- C:\Documents and Settings\JF\Data aplikací\PlotSoft LLC
2012-05-01 22:51:56 ----SHD---- C:\RECYCLER
2012-05-01 21:17:03 ----D---- C:\WINDOWS\temp
2012-05-01 19:29:19 ----D---- C:\Program Files\IGC
2012-05-01 15:35:22 ----D---- C:\Program Files\PlotSoft
2012-04-30 23:57:06 ----D---- C:\Program Files\stinger
2012-04-30 20:54:16 ----D---- C:\Documents and Settings\JF\Data aplikací\FolderSync
2012-04-30 20:54:15 ----D---- C:\Documents and Settings\JF\Data aplikací\OutlookSync
2012-04-30 20:53:57 ----D---- C:\Documents and Settings\JF\Data aplikací\ASUS
2012-04-30 17:39:45 ----D---- C:\WINDOWS\RegisteredPackages
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\ztvunrar36.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\ztvunace26.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\ztvcabinet.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\UNRAR3.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\unacev2.dll
2012-04-30 06:26:05 ----D---- C:\Program Files\Trojan Remover
2012-04-30 06:26:05 ----D---- C:\Documents and Settings\JF\Data aplikací\Simply Super Software
2012-04-30 06:26:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2012-04-22 09:25:06 ----D---- C:\Documents and Settings\JF\Data aplikací\Auslogics
2012-04-22 09:23:35 ----D---- C:\Program Files\Auslogics
2012-04-20 20:48:28 ----D---- C:\Program Files\DAEMON Tools Toolbar
2012-04-20 20:48:20 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2012-04-20 20:48:07 ----D---- C:\Program Files\DAEMON Tools Lite
2012-04-20 20:47:40 ----D---- C:\Documents and Settings\JF\Data aplikací\DAEMON Tools Lite
2012-04-20 20:47:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-04-16 08:04:45 ----D---- C:\Program Files\Common Files\Java
2012-04-16 08:02:36 ----A---- C:\WINDOWS\system32\javaws.exe
2012-04-16 08:02:36 ----A---- C:\WINDOWS\system32\javaw.exe
2012-04-16 08:02:36 ----A---- C:\WINDOWS\system32\java.exe
2012-04-16 08:02:18 ----D---- C:\Program Files\Java
2012-04-14 14:37:06 ----D---- C:\Program Files\Kalkulacka DPH
2012-04-08 15:55:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\EgisTec
2012-04-08 15:53:45 ----A---- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys
2012-04-08 15:53:45 ----A---- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys
2012-04-08 15:53:45 ----A---- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys
2012-04-08 15:53:11 ----D---- C:\Program Files\EgisTec MyWinLocker
2012-04-08 15:53:11 ----D---- C:\Program Files\EgisTec IPS
2012-04-08 15:53:11 ----D---- C:\Program Files\Common Files\EgisTec
2012-04-08 15:53:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\EgisTec IPS
2012-04-07 19:28:18 ----D---- C:\Program Files\Portrait Professional Studio 9
2012-04-07 17:03:06 ----D---- C:\Program Files\Total Video Converter
2012-04-06 17:40:35 ----D---- C:\Program Files\AutorunRemover
2012-04-06 17:33:36 ----D---- C:\Program Files\YTD
2012-04-04 08:11:08 ----D---- C:\Documents and Settings\JF\Data aplikací\Yandex
2012-03-31 13:13:41 ----D---- C:\Documents and Settings\JF\Data aplikací\TomTom

======List of files/folders modified in the last 1 month======

2012-05-04 06:34:05 ----D---- C:\WINDOWS
2012-05-04 06:26:56 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-04 06:26:51 ----D---- C:\Program Files\Zrychleni Pocitace
2012-05-04 00:15:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-03 06:36:22 ----SD---- C:\WINDOWS\Tasks
2012-05-02 17:09:33 ----D---- C:\WINDOWS\system32\wbem
2012-05-02 17:09:27 ----D---- C:\WINDOWS\Registration
2012-05-01 22:52:18 ----D---- C:\Program Files\Winamp
2012-05-01 22:48:51 ----D---- C:\Program Files\CCleaner
2012-05-01 21:17:03 ----AD---- C:\Qoobox
2012-05-01 21:09:39 ----D---- C:\WINDOWS\system32\drivers\etc
2012-05-01 21:03:50 ----D---- C:\WINDOWS\system32\config
2012-05-01 21:03:34 ----RSD---- C:\WINDOWS\Fonts
2012-05-01 20:07:32 ----D---- C:\UCTO2011
2012-05-01 19:27:16 ----HD---- C:\WINDOWS\inf
2012-05-01 18:32:48 ----D---- C:\WINDOWS\ERDNT
2012-05-01 18:30:08 ----D---- C:\WINDOWS\AppPatch
2012-05-01 18:30:06 ----D---- C:\Program Files\Common Files
2012-05-01 15:04:03 ----A---- C:\WINDOWS\system32\tiskarny.txt
2012-05-01 12:57:02 ----D---- C:\Program Files\iTV
2012-05-01 10:11:07 ----D---- C:\KLIMŠA moje CD s programy
2012-05-01 06:58:51 ----D---- C:\WINDOWS\system32\CatRoot
2012-05-01 06:57:17 ----D---- C:\Program Files\Movie Maker
2012-04-30 18:05:09 ----D---- C:\Program Files\Trend Micro
2012-04-30 18:04:09 ----D---- C:\WINDOWS\Help
2012-04-30 18:03:39 ----D---- C:\WINDOWS\Prefetch
2012-04-30 18:02:10 ----D---- C:\Downloads
2012-04-30 18:01:12 ----D---- C:\WINDOWS\system32\NtmsData
2012-04-30 17:43:41 ----D---- C:\WINDOWS\Debug
2012-04-30 16:33:34 ----SHD---- C:\WINDOWS\Installer
2012-04-30 16:33:34 ----D---- C:\Config.Msi
2012-04-30 16:03:27 ----D---- C:\WINDOWS\system32\drivers
2012-04-30 16:03:27 ----D---- C:\WINDOWS\system32
2012-04-30 09:21:48 ----D---- C:\Program Files\BarCodeXP
2012-04-30 06:28:48 ----D---- C:\Program Files\internet explorer
2012-04-30 06:26:05 ----RD---- C:\Program Files
2012-04-29 20:55:26 ----D---- C:\Documents and Settings\JF\Data aplikací\vlc
2012-04-29 19:57:06 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-29 19:44:50 ----D---- C:\Program Files\Zoner
2012-04-29 19:25:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-29 10:52:21 ----D---- C:\PROGRAMY
2012-04-29 10:52:21 ----D---- C:\_MEGAN
2012-04-29 10:52:16 ----D---- C:\Documents and Settings\JF\Data aplikací\PhotoMontageGuide
2012-04-29 10:05:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\MAGIX
2012-04-29 09:03:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avanquest
2012-04-29 09:03:16 ----HD---- C:\Program Files\InstallShield Installation Information
2012-04-29 08:43:40 ----D---- C:\Program Files\MOJOSOFT
2012-04-29 08:34:55 ----D---- C:\Program Files\Ashampoo
2012-04-29 08:28:42 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-04-29 08:05:10 ----RSD---- C:\WINDOWS\assembly
2012-04-29 08:04:06 ----D---- C:\WINDOWS\SHELLNEW
2012-04-29 07:20:25 ----D---- C:\Program Files\A-PDF Scan Optimizer
2012-04-29 07:16:01 ----D---- C:\Program Files\VDownloader
2012-04-29 07:15:59 ----D---- C:\ProgramData
2012-04-29 07:14:55 ----D---- C:\Program Files\RipTiger
2012-04-29 07:13:33 ----D---- C:\Program Files\DsNET Corp
2012-04-29 07:09:54 ----D---- C:\Documents and Settings\JF\Data aplikací\mojosoft
2012-04-29 07:09:22 ----D---- C:\Program Files\NirSoft
2012-04-29 07:07:40 ----D---- C:\Program Files\MyHeritage
2012-04-29 07:04:54 ----D---- C:\Program Files\Labels
2012-04-29 07:04:38 ----D---- C:\Program Files\Kalendar
2012-04-29 06:28:55 ----D---- C:\FOTO
2012-04-28 12:46:24 ----D---- C:\Program Files\Microsoft Security Client
2012-04-27 00:35:32 ----D---- C:\Revize
2012-04-24 06:38:58 ----D---- C:\Program Files\WinRAR
2012-04-22 11:41:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-04-20 21:17:05 ----D---- C:\Program Files\Google
2012-04-18 15:43:46 ----D---- C:\Spotrebice
2012-04-18 06:43:20 ----D---- C:\Program Files\Rozvodné sítě
2012-04-16 19:41:36 ----D---- C:\Documents and Settings\JF\Data aplikací\Zoner
2012-04-16 08:02:22 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-04-15 08:17:12 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-04-14 18:13:24 ----D---- C:\Program Files\Mozilla Firefox
2012-04-14 15:35:40 ----D---- C:\WINDOWS\pss
2012-04-12 06:51:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2012-04-11 17:29:00 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-11 17:27:44 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-11 17:27:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-04-11 17:26:22 ----D---- C:\WINDOWS\WinSxS
2012-04-11 17:15:08 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-07 09:49:26 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-08-25 36528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-04-20 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpKslf49035a1;MpKslf49035a1; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74533BF8-F3D2-4BA8-B9F4-1CDFE886C323}\MpKslf49035a1.sys []
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-04-08 18024]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-04-08 15208]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-04-08 60800]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
R2 BT848;Bt878, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.sys [2001-05-28 204728]
R2 BTTUNER;BtTuner, WDM TvTuner; C:\WINDOWS\system32\drivers\BTTUNER.sys [2001-09-12 8312]
R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.sys [2000-03-13 12600]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-07-16 35088]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-31 4411392]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4.sys [2008-04-14 206976]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2009-06-25 3734976]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2011-03-29 2799728]
S3 ajofe144;ajofe144; C:\WINDOWS\system32\drivers\ajofe144.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys []
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 MFE_RR;MFE_RR; \??\C:\DOCUME~1\JF\LOCALS~1\Temp\mfe_rr.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-31 602112]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-07-22 173424]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe [2011-04-18 211840]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-04-16 153376]
R2 KaraokeService;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\KaraokeSer.exe [2011-03-29 88688]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe []
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-12-06 267488]
R2 Printer Control;Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [2009-10-28 65536]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-10-14 1479488]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-05 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 253088]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-28 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GSService;GSService; C:\WINDOWS\system32\GSService.exe [2012-01-23 249856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-05 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check (probably wormBlaster?)

#2 Post by Rudy »

Back up the Účto2011 program and post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after launch, a screen with the licence terms appears; continue by clicking the Ano (Yes) button.

Go and make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur.
The ComboFix utility deletes Účto by mistake!
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JAR
Visitor
Posts: 9
Registered: 05 May 2012 17:13

Re: Please check (probably wormBlaster?)

#3 Post by JAR »

I did as advised, but it's still the same. I don't know what the problem could be.

ComboFix 12-05-05.06 - JF 29.04.2012 0:03.5.2 - x86
Spuštěný z: c:\downloads\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-05 do 2012-05-05 )))))))))))))))))))))))))))))))
.
.
2012-05-02 15:13 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74533BF8-F3D2-4BA8-B9F4-1CDFE886C323}\mpengine.dll
2012-05-02 15:09 . 2012-05-02 15:09 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-02 15:08 . 2012-05-02 15:08 -------- d-----w- c:\documents and settings\JF\Data aplikací\PlotSoft LLC
2012-05-02 04:10 . 2012-05-02 04:10 29904 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74533BF8-F3D2-4BA8-B9F4-1CDFE886C323}\MpKsl3081fc0d.sys
2012-05-01 17:29 . 2012-05-01 17:29 -------- d-----w- c:\program files\IGC
2012-05-01 13:35 . 2012-05-01 13:35 -------- d-----w- c:\program files\PlotSoft
2012-04-30 21:57 . 2012-04-30 14:36 -------- d-----w- c:\program files\stinger
2012-04-30 19:11 . 2012-04-30 19:11 -------- d-----w- c:\documents and settings\JF\Local Settings\Data aplikací\GSMiscDownload
2012-04-30 18:54 . 2012-04-30 18:54 -------- d-----w- c:\documents and settings\JF\Data aplikací\FolderSync
2012-04-30 18:54 . 2012-04-30 18:54 -------- d-----w- c:\documents and settings\JF\Data aplikací\OutlookSync
2012-04-30 18:53 . 2012-04-30 18:53 -------- d-----w- c:\documents and settings\JF\Data aplikací\ASUS
2012-04-30 17:31 . 2012-04-28 21:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-04-30 17:31 . 2012-05-05 22:40 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-04-30 04:26 . 2006-06-19 10:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2012-04-30 04:26 . 2006-05-25 12:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2012-04-30 04:26 . 2005-08-25 22:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2012-04-30 04:26 . 2003-02-02 17:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2012-04-30 04:26 . 2002-03-05 22:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2012-04-30 04:26 . 2012-04-30 04:26 -------- d-----w- c:\documents and settings\JF\Data aplikací\Simply Super Software
2012-04-30 04:26 . 2012-04-30 04:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Simply Super Software
2012-04-30 04:26 . 2011-04-30 09:24 -------- d-----w- c:\program files\Trojan Remover
2012-04-29 05:21 . 2012-04-13 07:36 6734704 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-28 21:29 . 2012-04-28 21:29 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2012-04-28 20:42 . 2009-01-25 10:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
2012-04-22 07:25 . 2012-04-22 10:19 -------- d-----w- c:\documents and settings\JF\Data aplikací\Auslogics
2012-04-22 07:23 . 2012-04-22 07:23 -------- d-----w- c:\program files\Auslogics
2012-04-20 18:48 . 2012-04-20 18:48 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2012-04-20 18:48 . 2012-04-20 18:48 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-04-20 18:48 . 2012-04-20 18:48 -------- d-----w- c:\program files\DAEMON Tools Lite
2012-04-20 18:47 . 2012-04-21 05:09 -------- d-----w- c:\documents and settings\JF\Data aplikací\DAEMON Tools Lite
2012-04-20 18:47 . 2012-04-20 18:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2012-04-16 06:04 . 2012-04-16 06:04 -------- d-----w- c:\program files\Common Files\Java
2012-04-16 06:02 . 2012-04-16 06:02 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-04-16 06:02 . 2012-04-16 06:02 -------- d-----w- c:\program files\Java
2012-04-14 16:11 . 2012-04-14 16:11 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-04-14 16:11 . 2012-04-14 16:11 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
2012-04-14 16:11 . 2012-04-14 16:11 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-04-14 16:11 . 2012-04-14 16:11 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-04-14 16:11 . 2012-04-14 16:11 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-04-09 22:06 . 2012-04-09 22:06 -------- d-----w- c:\documents and settings\JF\Local Settings\Data aplikací\EgisTec
2012-04-08 15:00 . 2012-04-08 15:00 -------- d-----w- c:\documents and settings\JF\Local Settings\Data aplikací\EgisTec IPS
2012-04-08 13:55 . 2012-04-08 13:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EgisTec
2012-04-08 13:53 . 2012-04-08 13:53 60800 ----a-w- c:\windows\system32\drivers\mwlPSDVDisk.sys
2012-04-08 13:53 . 2012-04-08 13:53 18024 ----a-w- c:\windows\system32\drivers\mwlPSDFilter.sys
2012-04-08 13:53 . 2012-04-08 13:53 15208 ----a-w- c:\windows\system32\drivers\mwlPSDNserv.sys
2012-04-08 13:53 . 2012-04-08 15:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\EgisTec IPS
2012-04-08 13:53 . 2012-04-08 13:53 -------- d-----w- c:\program files\EgisTec MyWinLocker
2012-04-08 13:53 . 2012-04-08 13:53 -------- d-----w- c:\program files\EgisTec IPS
2012-04-08 13:53 . 2012-04-08 13:53 -------- d-----w- c:\program files\Common Files\EgisTec
2012-04-07 17:28 . 2012-04-07 17:30 -------- d-----w- c:\program files\Portrait Professional Studio 9
2012-04-07 15:03 . 2012-04-29 19:07 -------- d-----w- c:\program files\Total Video Converter
2012-04-06 15:40 . 2012-04-06 16:06 -------- d-----w- c:\program files\AutorunRemover
2012-04-06 15:33 . 2012-04-06 15:34 -------- d-----w- c:\program files\YTD
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-30 14:03 . 2010-04-01 09:21 14664 ----a-w- c:\windows\stinger.sys
2012-04-29 17:57 . 2012-03-30 04:33 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-29 17:57 . 2011-10-19 07:59 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-16 06:02 . 2011-10-20 18:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
2012-03-20 18:44 . 2011-04-18 11:18 171064 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-01 10:59 . 2011-10-18 22:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-03-01 10:59 . 2011-10-18 22:26 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-03-01 10:59 . 2011-10-18 22:26 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2011-10-18 22:26 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2011-10-18 22:25 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2011-10-18 22:56 385024 ----a-w- c:\windows\system32\html.iec
2012-02-14 10:09 . 2012-02-14 10:09 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2010-02-10 03:18 . 2012-01-27 19:53 2131336 ----a-w- c:\program files\Common Files\AskToolbarInstaller.exe
2012-04-14 16:11 . 2011-10-19 07:36 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-04-30_19.38.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-05-05 22:44 . 2012-05-05 22:44 16384 c:\windows\temp\Perflib_Perfdata_7c.dat
+ 2012-05-05 22:41 . 2012-05-05 22:41 16384 c:\windows\temp\Perflib_Perfdata_720.dat
+ 2012-04-29 20:12 . 2012-04-29 20:12 16384 c:\windows\temp\Perflib_Perfdata_4c0.dat
+ 2012-05-05 22:41 . 2012-05-05 22:41 16384 c:\windows\temp\Perflib_Perfdata_3e0.dat
+ 2012-05-05 22:44 . 2012-05-05 22:44 16384 c:\windows\temp\Perflib_Perfdata_17c.dat
+ 2012-04-29 20:12 . 2012-04-29 20:12 16384 c:\windows\temp\Perflib_Perfdata_134.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-02-07 3865504]
"Spybot-S&D Cleaning"="c:\program files\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-02-07 2972056]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2008-04-14 78848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SDWinLogon]
SDWinLogon.dll [BU]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\e:\0autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutorunRemover.exe]
2009-10-21 21:08 1360896 ----a-w- c:\program files\AutorunRemover\AutorunRemover.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
2010-03-05 08:15 411864 ----a-w- c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
2011-06-22 14:37 418672 ----a-w- c:\program files\EgisTec IPS\PmmUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
2011-06-22 14:37 202608 ----a-w- c:\program files\EgisTec IPS\EgisUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2012-03-26 15:08 931200 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MWLTSR]
2011-07-22 11:45 126320 ----a-w- c:\program files\EgisTec MyWinLocker\MWLTSR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2011-11-01 14:40 1053056 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
2011-12-06 12:27 187616 ----a-w- c:\program files\Zrychleni Pocitace\PCSUNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
2012-02-07 15:19 3865504 ----a-w- c:\program files\Spybot - Search & Destroy 2\SDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-10-19 16:09 273528 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
2011-04-30 09:24 1239312 ----a-w- c:\program files\Trojan Remover\Trjscan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51 17408 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\documents and settings\JF\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
"Kalendar"=c:\program files\Kalendar\kalendar.exe
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Screen OCR"=c:\program files\Screen OCR\OCR.exe
"TomTomHOME.exe"="c:\downloads\TomTom-HOME-2011-License-bez-instalace\TomTom HOME 2011-License-bez instalace\TomTomHOMERunner.exe" -s
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"BCU"="c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe"
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" -osboot
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"vspdfprsrv.exe"=c:\program files\Avanquest\Expert PDF 7 Professional\vspdfprsrv.exe --background
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenuEx"=c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"facemoods"="c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
"Bonus.SSR.FR11"="c:\program files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\RipTiger\\RipTiger.exe"=
"c:\\Program Files\\RipTiger\\HTTPDownloaderApp.exe"=
"c:\\Program Files\\RipTiger\\RTMPDownloaderApp.exe"=
"c:\\Program Files\\RipTiger\\VideoDownloadApp_RTMP.exe"=
"c:\\Program Files\\RipTiger\\MMSDownloaderApp.exe"=
"c:\\Downloads\\MlcCamServer\\MlcCamServer.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 136176]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-02-07 1185704]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 253088]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-12-08 30312]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 GSService;GSService;c:\windows\system32\GSService.exe [2012-01-23 249856]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 136176]
R3 MFE_RR;MFE_RR;c:\docume~1\JF\LOCALS~1\Temp\mfe_rr.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
R3 rkhdrv40;Rootkit Unhooker Driver; [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [2012-01-15 259584]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-04-20 691696]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-04-08 18024]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-04-08 15208]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-04-08 60800]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
S2 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
S2 BT848;Bt878, WDM Video Capture;c:\windows\system32\drivers\BT848.sys [2001-05-28 204728]
S2 BTTUNER;BtTuner, WDM TvTuner;c:\windows\system32\drivers\BTTUNER.sys [2001-09-12 8312]
S2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.sys [2000-03-13 12600]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-07-22 173424]
S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\documents and settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe [2011-04-18 211840]
S2 KaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\KaraokeSer.exe [2011-03-29 88688]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-07-16 35088]
S2 PCSUService;PC Speed Up Service;c:\program files\Zrychleni Pocitace\PCSUService.exe [2011-12-06 267488]
S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [2009-10-28 65536]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-10-14 1479488]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-13 10064]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-03-29 2799728]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - FileOpenWebPublisherScreenHookDriver
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 17:57]
.
2012-05-05 c:\windows\Tasks\Auslogics BoostSpeed Integrator Start On JF Logon.job
- c:\program files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe [2012-04-22 13:02]
.
2012-05-05 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-04-28 15:19]
.
2012-05-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 12:58]
.
2012-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-05 12:58]
.
2012-04-30 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-05-05 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 11:40]
.
2012-04-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 11:40]
.
2012-04-28 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-04-28 15:19]
.
2012-04-28 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2012-04-28 15:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
SafeBoot-Wdf01000.sys
MSConfigStartUp-KalkulackaDph - c:\program files\Kalkulacka DPH\KalkulackaDph.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-05 00:46
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1340)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'Explorer.EXE'(1188)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\Office12\1029\GrooveIntlResource.dll
c:\program files\Tracker Software\Shell Extensions\XCShInfo.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
Celkový čas: 2012-05-05 00:48:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-04 22:48
ComboFix2.txt 2012-04-30 19:45
ComboFix3.txt 2010-04-01 09:21
ComboFix4.txt 2011-11-07 12:11
ComboFix5.txt 2012-04-28 22:02
.
Před spuštěním: Volných bajtů: 16 495 087 616
Po spuštění: Volných bajtů: 16 468 463 616
.
- - End Of File - - 6776662E72D09C6C925584102EF39B7E

JAR
Visitor
Posts: 9
Registered: 05 May 2012 17:13

Re: Please check (probably wormBlaster? )

#4 Post by JAR »

And here is the RSIT log as well

Logfile of random's system information tool 1.09 (written by random/random)
Run by at 2012-05-05 01:22:37
WIN_XP Service Pack 3
System drive C: has 16 GB (4%) free of 410 GB
Total RAM: 3327 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:22:38, on 5.5.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Zrychleni Pocitace\PCSUService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\KaraokeSer.exe
C:\WINDOWS\system32\PrintCtrl.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Downloads\RSIT(1).exe
C:\Program Files\trend micro\.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (file missing)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: FileOpenManagerSvc - FileOpen Systems Inc. - C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GSService - Unknown owner - C:\WINDOWS\system32\GSService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\KaraokeSer.exe
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSUService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - C:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Unknown owner - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (file missing)
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe

--
End of file - 9986 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Auslogics BoostSpeed Integrator Start On JF Logon.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-19 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-16 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29 3844768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MI1933~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-16 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-16 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2010-03-05 411864]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-02-07 3865504]
"Spybot-S&D Cleaning"=C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [2012-02-07 2972056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutorunRemover.exe]
C:\Program Files\AutorunRemover\AutorunRemover.exe [2009-10-21 1360896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [2010-03-05 411864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-06-22 418672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-06-22 202608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 931200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MWLTSR]
C:\Program Files\EgisTec MyWinLocker\MWLTSR.exe [2011-07-22 126320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2011-11-01 1053056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe [2011-12-06 187616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-02-07 3865504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-10-19 273528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
C:\Program Files\Trojan Remover\Trjscan.exe [2011-04-30 1239312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-31 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\RipTiger\RipTiger.exe"="C:\Program Files\RipTiger\RipTiger.exe:*:Enabled:RipTiger"
"C:\Program Files\RipTiger\HTTPDownloaderApp.exe"="C:\Program Files\RipTiger\HTTPDownloaderApp.exe:*:Enabled:RipTiger HTTP Downloader"
"C:\Program Files\RipTiger\RTMPDownloaderApp.exe"="C:\Program Files\RipTiger\RTMPDownloaderApp.exe:*:Enabled:RipTiger RTMP Downloader"
"C:\Program Files\RipTiger\VideoDownloadApp_RTMP.exe"="C:\Program Files\RipTiger\VideoDownloadApp_RTMP.exe:*:Enabled:RipTiger RTMP Download Agent"
"C:\Program Files\RipTiger\MMSDownloaderApp.exe"="C:\Program Files\RipTiger\MMSDownloaderApp.exe:*:Enabled:RipTiger MMS/RTSP Downloader"
"C:\Downloads\MlcCamServer\MlcCamServer.exe"="C:\Downloads\MlcCamServer\MlcCamServer.exe:*:Enabled:MlcCamClient"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"msacm.l3codec"=l3codecp.acm

======List of files/folders created in the last 1 month======

2012-05-06 00:41:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-05 00:48:25 ----A---- C:\ComboFix.txt
2012-05-02 17:08:03 ----D---- C:\Documents and Settings\JF\Data aplikací\PlotSoft LLC
2012-05-01 22:51:56 ----D---- C:\RECYCLER
2012-05-01 19:29:19 ----D---- C:\Program Files\IGC
2012-05-01 15:35:22 ----D---- C:\Program Files\PlotSoft
2012-04-30 23:57:06 ----D---- C:\Program Files\stinger
2012-04-30 21:45:04 ----D---- C:\WINDOWS\temp
2012-04-30 20:54:16 ----D---- C:\Documents and Settings\JF\Data aplikací\FolderSync
2012-04-30 20:54:15 ----D---- C:\Documents and Settings\JF\Data aplikací\OutlookSync
2012-04-30 20:53:57 ----D---- C:\Documents and Settings\JF\Data aplikací\ASUS
2012-04-30 19:31:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-04-30 19:31:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2012-04-30 17:39:45 ----D---- C:\WINDOWS\RegisteredPackages
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\ztvunrar36.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\ztvunace26.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\ztvcabinet.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\UNRAR3.dll
2012-04-30 06:26:14 ----A---- C:\WINDOWS\system32\unacev2.dll
2012-04-30 06:26:05 ----D---- C:\Program Files\Trojan Remover
2012-04-30 06:26:05 ----D---- C:\Documents and Settings\JF\Data aplikací\Simply Super Software
2012-04-30 06:26:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2012-04-29 00:02:32 ----A---- C:\WINDOWS\zip.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\SWSC.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\SWREG.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\sed.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\PEV.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\NIRCMD.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\MBR.exe
2012-04-29 00:02:32 ----A---- C:\WINDOWS\grep.exe
2012-04-29 00:02:28 ----D---- C:\ComboFix
2012-04-28 22:42:17 ----A---- C:\WINDOWS\system32\sdnclean.exe
2012-04-22 09:25:06 ----D---- C:\Documents and Settings\JF\Data aplikací\Auslogics
2012-04-22 09:23:35 ----D---- C:\Program Files\Auslogics
2012-04-20 20:48:28 ----D---- C:\Program Files\DAEMON Tools Toolbar
2012-04-20 20:48:20 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2012-04-20 20:48:07 ----D---- C:\Program Files\DAEMON Tools Lite
2012-04-20 20:47:40 ----D---- C:\Documents and Settings\JF\Data aplikací\DAEMON Tools Lite
2012-04-20 20:47:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-04-16 08:04:45 ----D---- C:\Program Files\Common Files\Java
2012-04-16 08:02:36 ----A---- C:\WINDOWS\system32\javaws.exe
2012-04-16 08:02:36 ----A---- C:\WINDOWS\system32\javaw.exe
2012-04-16 08:02:36 ----A---- C:\WINDOWS\system32\java.exe
2012-04-16 08:02:18 ----D---- C:\Program Files\Java
2012-04-08 15:55:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\EgisTec
2012-04-08 15:53:45 ----A---- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys
2012-04-08 15:53:45 ----A---- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys
2012-04-08 15:53:45 ----A---- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys
2012-04-08 15:53:11 ----D---- C:\Program Files\EgisTec MyWinLocker
2012-04-08 15:53:11 ----D---- C:\Program Files\EgisTec IPS
2012-04-08 15:53:11 ----D---- C:\Program Files\Common Files\EgisTec
2012-04-08 15:53:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\EgisTec IPS
2012-04-07 19:28:18 ----D---- C:\Program Files\Portrait Professional Studio 9
2012-04-07 17:03:06 ----D---- C:\Program Files\Total Video Converter
2012-04-06 17:40:35 ----D---- C:\Program Files\AutorunRemover
2012-04-06 17:33:36 ----D---- C:\Program Files\YTD

======List of files/folders modified in the last 1 month======

2012-05-06 00:45:03 ----D---- C:\WINDOWS
2012-05-06 00:45:03 ----A---- C:\WINDOWS\system.ini
2012-05-06 00:44:48 ----D---- C:\WINDOWS\system32\drivers\etc
2012-05-06 00:44:07 ----D---- C:\Program Files\Zrychleni Pocitace
2012-05-06 00:40:54 ----D---- C:\WINDOWS\system32\config
2012-05-05 01:22:37 ----D---- C:\Program Files\Trend Micro
2012-05-05 00:48:27 ----D---- C:\WINDOWS\system32\drivers
2012-05-05 00:48:26 ----AD---- C:\Qoobox
2012-05-05 00:47:39 ----SHD---- C:\WINDOWS\Installer
2012-05-05 00:47:39 ----D---- C:\Config.Msi
2012-05-02 17:09:33 ----D---- C:\WINDOWS\system32\wbem
2012-05-02 17:09:27 ----D---- C:\WINDOWS\Registration
2012-05-01 22:52:18 ----D---- C:\Program Files\Winamp
2012-05-01 22:48:51 ----D---- C:\Program Files\CCleaner
2012-05-01 21:03:34 ----RSD---- C:\WINDOWS\Fonts
2012-05-01 20:07:32 ----D---- C:\UCTO2011
2012-05-01 19:27:16 ----HD---- C:\WINDOWS\inf
2012-05-01 15:04:03 ----A---- C:\WINDOWS\system32\tiskarny.txt
2012-05-01 12:57:02 ----D---- C:\Program Files\iTV
2012-05-01 10:11:07 ----D---- C:\KLIMŠA moje CD s programy
2012-05-01 06:58:51 ----D---- C:\WINDOWS\system32\CatRoot
2012-05-01 06:57:17 ----D---- C:\Program Files\Movie Maker
2012-04-30 21:03:27 ----SH---- C:\boot.ini
2012-04-30 21:03:27 ----A---- C:\WINDOWS\win.ini
2012-04-30 19:31:34 ----D---- C:\WINDOWS\Prefetch
2012-04-30 18:06:24 ----D---- C:\rsit
2012-04-30 18:04:09 ----D---- C:\WINDOWS\Help
2012-04-30 18:01:12 ----D---- C:\WINDOWS\system32\NtmsData
2012-04-30 09:21:48 ----D---- C:\Program Files\BarCodeXP
2012-04-30 06:28:48 ----D---- C:\Program Files\internet explorer
2012-04-29 20:55:26 ----D---- C:\Documents and Settings\JF\Data aplikací\vlc
2012-04-29 19:57:06 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-29 19:44:50 ----D---- C:\Program Files\Zoner
2012-04-29 19:25:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-29 10:52:21 ----D---- C:\PROGRAMY
2012-04-29 10:52:16 ----D---- C:\Documents and Settings\JF\Data aplikací\PhotoMontageGuide
2012-04-29 10:05:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\MAGIX
2012-04-29 09:03:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avanquest
2012-04-29 09:03:16 ----HD---- C:\Program Files\InstallShield Installation Information
2012-04-29 08:43:40 ----D---- C:\Program Files\MOJOSOFT
2012-04-29 08:34:55 ----D---- C:\Program Files\Ashampoo
2012-04-29 08:28:42 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-04-29 08:05:10 ----RSD---- C:\WINDOWS\assembly
2012-04-29 08:04:06 ----D---- C:\WINDOWS\SHELLNEW
2012-04-29 07:20:25 ----D---- C:\Program Files\A-PDF Scan Optimizer
2012-04-29 07:16:01 ----D---- C:\Program Files\VDownloader
2012-04-29 07:15:59 ----D---- C:\ProgramData
2012-04-29 07:14:55 ----D---- C:\Program Files\RipTiger
2012-04-29 07:13:33 ----D---- C:\Program Files\DsNET Corp
2012-04-29 07:09:54 ----D---- C:\Documents and Settings\JF\Data aplikací\mojosoft
2012-04-29 07:09:22 ----D---- C:\Program Files\NirSoft
2012-04-29 07:07:40 ----D---- C:\Program Files\MyHeritage
2012-04-29 07:04:54 ----D---- C:\Program Files\Labels
2012-04-29 07:04:38 ----D---- C:\Program Files\Kalendar
2012-04-29 06:28:55 ----D---- C:\FOTO
2012-04-29 00:39:52 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2012-04-29 00:36:20 ----D---- C:\Downloads
2012-04-29 00:07:53 ----D---- C:\WINDOWS\system32
2012-04-29 00:07:53 ----D---- C:\WINDOWS\AppPatch
2012-04-29 00:07:51 ----D---- C:\Program Files\Common Files
2012-04-29 00:03:12 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-29 00:03:03 ----D---- C:\WINDOWS\ERDNT
2012-04-28 23:47:19 ----D---- C:\Download STARSI
2012-04-28 23:43:13 ----D---- C:\WINDOWS\Debug
2012-04-28 23:33:29 ----RD---- C:\Program Files
2012-04-28 23:26:36 ----D---- C:\VYMAZAT ProgramData
2012-04-28 23:20:34 ----A---- C:\WINDOWS\WININIT.INI
2012-04-28 22:42:23 ----SD---- C:\WINDOWS\Tasks
2012-04-28 22:42:19 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-04-28 22:28:16 ----D---- C:\Program Files\Adobe
2012-04-28 12:46:24 ----D---- C:\Program Files\Microsoft Security Client
2012-04-27 00:35:32 ----D---- C:\Revize
2012-04-24 06:38:58 ----D---- C:\Program Files\WinRAR
2012-04-22 11:41:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-04-20 21:17:05 ----D---- C:\Program Files\Google
2012-04-18 15:43:46 ----D---- C:\Spotrebice
2012-04-18 06:43:20 ----D---- C:\Program Files\Rozvodné sítě
2012-04-16 19:41:36 ----D---- C:\Documents and Settings\JF\Data aplikací\Zoner
2012-04-16 08:02:22 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-04-15 08:17:12 ----D---- C:\Program Files\TuneUp Utilities 2012
2012-04-14 18:13:24 ----D---- C:\Program Files\Mozilla Firefox
2012-04-14 15:35:40 ----D---- C:\WINDOWS\pss
2012-04-12 06:51:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2012-04-11 17:29:00 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-11 17:27:44 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-11 17:27:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-04-11 17:26:22 ----D---- C:\WINDOWS\WinSxS
2012-04-11 17:15:08 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-07 09:49:26 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-03-20 171064]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-08-25 36528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-04-20 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-04-08 18024]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-04-08 15208]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-04-08 60800]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
R2 BT848;Bt878, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.sys [2001-05-28 204728]
R2 BTTUNER;BtTuner, WDM TvTuner; C:\WINDOWS\system32\drivers\BTTUNER.sys [2001-09-12 8312]
R2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.sys [2000-03-13 12600]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-07-16 35088]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-31 4411392]
R3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4.sys [2008-04-14 206976]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2009-06-25 3734976]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2011-03-29 2799728]
S3 a6j3wtsk;a6j3wtsk; C:\WINDOWS\system32\drivers\a6j3wtsk.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 catchme;catchme; \??\C:\ComboFix1\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\WINDOWS\system32\DRIVERS\clwvd.sys []
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\K!TV\Plugins\S_Bt8x8\DSDrv4.sys []
S3 MFE_RR;MFE_RR; \??\C:\DOCUME~1\JF\LOCALS~1\Temp\mfe_rr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-08-17 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-12-28 96896]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-31 602112]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [2010-03-05 235752]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-07-22 173424]
R2 FileOpenManagerSvc;FileOpenManagerSvc; C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe [2011-04-18 211840]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-04-16 153376]
R2 KaraokeService;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\KaraokeSer.exe [2011-03-29 88688]
R2 PCSUService;PC Speed Up Service; C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2011-12-06 267488]
R2 Printer Control;Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [2009-10-28 65536]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-10-14 1479488]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-05 136176]
S2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 11552]
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe []
S2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-02-07 1185704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 253088]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-28 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GSService;GSService; C:\WINDOWS\system32\GSService.exe [2012-01-23 249856]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-05 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check (probably wormBlaster? )

#5 Post by Rudy »

Move ComboFix to the desktop. Open Notepad and copy the following into it:
KillAll::

Folder::
c:\program files\Trojan Remover
c:\program files\DAEMON Tools Toolbar
c:\program files\facemoods.com
c:\program files\SweetIM
C:\Program Files\Skype\Toolbars

Collect::
c:\docume~1\JF\LOCALS~1\Temp\mfe_rr.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
MFE_RR

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SweetIM"=-
"facemoods"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Next, uninstall Spybot (it is a thing of the past and is practically ineffective today) and replace it with one of the antivirus programs: http://forum.viry.cz/viewforum.php?f=29 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JAR
Visitor
Posts: 9
Registered: 05 May 2012 17:13

Re: Please check (probably wormBlaster? )

#6 Post by JAR »

Still the same overall.
I did everything according to the instructions (in safe mode, it doesn't work otherwise); at the end it wanted an internet connection to send something for analysis. Unfortunately, that isn't possible, because it only works for me in safe mode (before Windows finishes loading, while the splash screen is showing, it restarts; the bottom taskbar with the clock isn't visible).

ComboFix 12-05-05.06 - Administrator . 05. 2012 15:21:19.6.2 - x86 MINIMAL
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3327.2916 [GMT 2:00]
Spuštěný z: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: C:\Documents and Settings\Administrator\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

file zipped: c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
file zipped: c:\windows\Tasks\GoogleUpdateTaskMachineUA.job


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\Resources\about.ico
c:\program files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.png
c:\program files\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files\DAEMON Tools Toolbar\Resources\az.ico
c:\program files\DAEMON Tools Toolbar\Resources\b1.bmp
c:\program files\DAEMON Tools Toolbar\Resources\b1.png
c:\program files\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\cond000.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond001.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond003.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond004.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond005.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond006.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond007.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond008.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond009.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond010.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond011.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond019.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond020.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond021.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond022.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond023.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond024.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond025.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond026.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond037.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond038.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond039.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond040.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond041.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond046.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond048.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond050.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond051.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond052.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond053.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond054.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond055.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond056.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond057.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond058.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond059.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond060.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond061.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond062.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond063.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond064.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond065.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond066.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond067.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond068.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond069.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond075.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond076.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond077.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond078.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond079.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond080.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond084.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond085.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond086.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond087.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond088.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond089.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond090.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond091.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond092.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond093.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond094.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond095.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond108.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond109.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond110.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond111.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond112.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond113.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond120.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond121.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond122.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond126.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond127.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond128.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond129.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond130.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond131.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond132.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond133.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond134.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond135.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond136.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond137.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond138.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond140.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond141.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond142.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond143.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond148.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond149.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond152.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond154.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond155.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond156.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond157.gif
c:\program files\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files\DAEMON Tools Toolbar\Resources\download.ico
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files\DAEMON Tools Toolbar\Resources\home.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MFE_RR
-------\Service_MFE_RR


((((((((((((((((((((((((( Soubory vytvořené od 2012-04-06 do 2012-05-06 )))))))))))))))))))))))))))))))


2012-05-06 10:04:30 . 2012-05-06 10:04:30 -------- d-----w- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2012-05-05 08:02:07 . 2012-05-05 08:02:12 -------- d-----w- C:\Program Files\1ClickDownload
2012-05-05 07:43:58 . 2012-05-05 07:43:58 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2012-05-05 07:43:25 . 2012-05-05 07:56:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-05-04 04:36:05 . 2012-05-04 04:36:05 -------- d-----w- C:\Documents and Settings\Administrator\Data aplikací\Simply Super Software
2012-05-03 13:01:44 . 2012-05-03 13:02:08 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Adobe
2012-05-02 15:13:26 . 2012-04-13 07:36:43 6734704 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74533BF8-F3D2-4BA8-B9F4-1CDFE886C323}\mpengine.dll
2012-05-02 15:09:27 . 2012-05-02 15:09:27 -------- d-----w- C:\WINDOWS\system32\wbem\Repository
2012-05-02 04:10:25 . 2012-05-02 04:10:25 29904 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74533BF8-F3D2-4BA8-B9F4-1CDFE886C323}\MpKsl3081fc0d.sys
2012-05-01 17:29:19 . 2012-05-01 17:29:19 -------- d-----w- C:\Program Files\IGC
2012-05-01 13:35:22 . 2012-05-01 13:35:22 -------- d-----w- C:\Program Files\PlotSoft
2012-04-30 21:57:06 . 2012-04-30 14:36:09 -------- d-----w- C:\Program Files\stinger
2012-04-30 17:31:19 . 2012-04-28 21:16:59 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-04-30 17:31:07 . 2012-05-05 22:40:54 -------- d-----w- C:\Program Files\Spybot - Search & Destroy 2
2012-04-30 04:26:14 . 2006-06-19 10:01:38 69632 ----a-w- C:\WINDOWS\system32\ztvcabinet.dll
2012-04-30 04:26:14 . 2006-05-25 12:52:46 162304 ----a-w- C:\WINDOWS\system32\ztvunrar36.dll
2012-04-30 04:26:14 . 2005-08-25 22:50:00 77312 ----a-w- C:\WINDOWS\system32\ztvunace26.dll
2012-04-30 04:26:14 . 2003-02-02 17:06:02 153088 ----a-w- C:\WINDOWS\system32\UNRAR3.dll
2012-04-30 04:26:14 . 2002-03-05 22:00:00 75264 ----a-w- C:\WINDOWS\system32\unacev2.dll
2012-04-30 04:26:05 . 2012-04-30 04:26:05 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2012-04-29 05:21:43 . 2012-04-13 07:36:43 6734704 ----a-w- C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-04-28 21:29:19 . 2012-04-28 21:29:19 -------- d-----w- C:\Documents and Settings\NetworkService\Plocha
2012-04-28 20:42:17 . 2009-01-25 10:14:20 15224 ----a-w- C:\WINDOWS\system32\sdnclean.exe
2012-04-22 07:23:35 . 2012-04-22 07:23:35 -------- d-----w- C:\Program Files\Auslogics
2012-04-20 18:48:20 . 2012-04-20 18:48:21 691696 ----a-w- C:\WINDOWS\system32\drivers\sptd.sys
2012-04-20 18:48:07 . 2012-04-20 18:48:34 -------- d-----w- C:\Program Files\DAEMON Tools Lite
2012-04-20 18:47:37 . 2012-04-20 18:48:05 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-04-16 06:04:45 . 2012-04-16 06:04:45 -------- d-----w- C:\Program Files\Common Files\Java
2012-04-16 06:02:36 . 2012-04-16 06:02:23 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2012-04-16 06:02:18 . 2012-04-16 06:02:18 -------- d-----w- C:\Program Files\Java
2012-04-14 16:11:46 . 2012-04-14 16:11:46 592824 ----a-w- C:\Program Files\Mozilla Firefox\gkmedias.dll
2012-04-14 16:11:46 . 2012-04-14 16:11:46 44472 ----a-w- C:\Program Files\Mozilla Firefox\mozglue.dll
2012-04-14 16:11:45 . 2012-04-14 16:11:45 626688 ----a-w- C:\Program Files\Mozilla Firefox\msvcr80.dll
2012-04-14 16:11:45 . 2012-04-14 16:11:45 548864 ----a-w- C:\Program Files\Mozilla Firefox\msvcp80.dll
2012-04-14 16:11:45 . 2012-04-14 16:11:45 479232 ----a-w- C:\Program Files\Mozilla Firefox\msvcm80.dll
2012-04-08 13:55:05 . 2012-04-08 13:55:05 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\EgisTec
2012-04-08 13:53:45 . 2012-04-08 13:53:45 60800 ----a-w- C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys
2012-04-08 13:53:45 . 2012-04-08 13:53:45 18024 ----a-w- C:\WINDOWS\system32\drivers\mwlPSDFilter.sys
2012-04-08 13:53:45 . 2012-04-08 13:53:45 15208 ----a-w- C:\WINDOWS\system32\drivers\mwlPSDNserv.sys
2012-04-08 13:53:11 . 2012-04-08 15:00:14 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\EgisTec IPS
2012-04-08 13:53:11 . 2012-04-08 13:53:54 -------- d-----w- C:\Program Files\EgisTec MyWinLocker
2012-04-08 13:53:11 . 2012-04-08 13:53:16 -------- d-----w- C:\Program Files\EgisTec IPS
2012-04-08 13:53:11 . 2012-04-08 13:53:11 -------- d-----w- C:\Program Files\Common Files\EgisTec
2012-04-07 17:28:18 . 2012-04-07 17:30:10 -------- d-----w- C:\Program Files\Portrait Professional Studio 9
2012-04-07 15:03:06 . 2012-04-29 19:07:23 -------- d-----w- C:\Program Files\Total Video Converter
2012-04-06 15:40:35 . 2012-04-06 16:06:03 -------- d-----w- C:\Program Files\AutorunRemover
2012-04-06 15:33:36 . 2012-04-06 15:34:03 -------- d-----w- C:\Program Files\YTD
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-04-30 14:03:28 . 2010-04-01 09:21:01 14664 ----a-w- C:\WINDOWS\stinger.sys
2012-04-29 17:57:06 . 2012-03-30 04:33:02 418464 ----a-w- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-04-29 17:57:05 . 2011-10-19 07:59:10 70304 ----a-w- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2012-04-16 06:02:22 . 2011-10-20 18:08:38 472808 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2012-03-22 19:12:12 . 2012-03-22 19:12:12 4435968 ----a-w- C:\WINDOWS\system32\GPhotos.scr
2012-03-20 18:44:12 . 2011-04-18 11:18:50 171064 ----a-w- C:\WINDOWS\system32\drivers\MpFilter.sys
2012-03-01 10:59:57 . 2011-10-18 22:26:21 916992 ----a-w- C:\WINDOWS\system32\wininet.dll
2012-03-01 10:59:57 . 2011-10-18 22:26:01 43520 ----a-w- C:\WINDOWS\system32\licmgr10.dll
2012-03-01 10:59:57 . 2011-10-18 22:26:00 1469440 ----a-w- C:\WINDOWS\system32\inetcpl.cpl
2012-02-29 14:10:19 . 2011-10-18 22:26:21 177664 ----a-w- C:\WINDOWS\system32\wintrust.dll
2012-02-29 14:10:19 . 2011-10-18 22:25:59 148480 ----a-w- C:\WINDOWS\system32\imagehlp.dll
2012-02-29 12:17:53 . 2011-10-18 22:56:19 385024 ----a-w- C:\WINDOWS\system32\html.iec
2012-02-14 10:09:44 . 2012-02-14 10:09:44 1070352 ----a-w- C:\WINDOWS\system32\MSCOMCTL.OCX
2010-02-10 03:18:42 . 2012-01-27 19:53:01 2131336 ----a-w- C:\Program Files\Common Files\AskToolbarInstaller.exe
2012-04-14 16:11:47 . 2011-10-19 07:36:32 97208 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


((((((((((((((((((((((((((((( SnapShot_2012-04-30_19.38.46 )))))))))))))))))))))))))))))))))))))))))

+ 2012-05-06 13:41:56 . 2012-05-06 13:41:56 16384 C:\WINDOWS\temp\Perflib_Perfdata_78c.dat
+ 2012-05-06 13:39:14 . 2012-05-06 13:39:14 16384 C:\WINDOWS\temp\Perflib_Perfdata_768.dat
+ 2012-05-06 13:36:20 . 2012-05-06 13:36:20 16384 C:\WINDOWS\temp\Perflib_Perfdata_62c.dat
+ 2012-05-06 13:41:57 . 2012-05-06 13:41:57 16384 C:\WINDOWS\temp\Perflib_Perfdata_2ac.dat
+ 2012-05-06 13:39:15 . 2012-05-06 13:39:15 16384 C:\WINDOWS\temp\Perflib_Perfdata_28c.dat
+ 2012-05-06 13:36:30 . 2012-05-06 13:36:30 16384 C:\WINDOWS\temp\Perflib_Perfdata_1c8.dat

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCU"="C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 08:15:04 411864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 06:52:18 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2008-04-14 06:52:36 78848]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 17:13:36 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21:41 548352 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SDWinLogon]
SDWinLogon.dll [BU]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\E:\0autocheck autochk *\0\0sdnclean.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=C:\WINDOWS\pss\McAfee Security Scan Plus.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37:53 843712 ----a-w- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutorunRemover.exe]
2009-10-21 21:08:12 1360896 ----a-w- C:\Program Files\AutorunRemover\AutorunRemover.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
2010-03-05 08:15:04 411864 ----a-w- C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 06:52:18 15360 ----a-w- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
2011-06-22 14:37:48 418672 ----a-w- C:\Program Files\EgisTec IPS\PmmUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
2011-06-22 14:37:32 202608 ----a-w- C:\Program Files\EgisTec IPS\EgisUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36:46 30040 ----a-w- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2012-03-26 15:08:12 931200 ----a-w- C:\Program Files\Microsoft Security Client\msseces.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MWLTSR]
2011-07-22 11:45:34 126320 ----a-w- C:\Program Files\EgisTec MyWinLocker\MWLTSR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2011-11-01 14:40:04 1053056 ----a-w- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
2011-12-06 12:27:02 187616 ----a-w- C:\Program Files\Zrychleni Pocitace\PCSUNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
2012-02-07 15:19:44 3865504 ----a-w- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02:04 254696 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-10-19 16:09:12 273528 ----a-w- C:\Program Files\Real\RealPlayer\Update\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2010-07-04 19:51:26 17408 ----a-w- C:\Program Files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Acrobat Speed Launcher"="C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"BCU"="C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe"
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"vspdfprsrv.exe"=C:\Program Files\Avanquest\Expert PDF 7 Professional\vspdfprsrv.exe --background
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"Bonus.SSR.FR11"="C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"C:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\RipTiger\\RipTiger.exe"=
"C:\\Program Files\\RipTiger\\HTTPDownloaderApp.exe"=
"C:\\Program Files\\RipTiger\\RTMPDownloaderApp.exe"=
"C:\\Program Files\\RipTiger\\VideoDownloadApp_RTMP.exe"=
"C:\\Program Files\\RipTiger\\MMSDownloaderApp.exe"=
"C:\\Downloads\\MlcCamServer\\MlcCamServer.exe"=
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [20. 4. 2012 20:48:20 691696]
S1 AsUpIO;AsUpIO;C:\WINDOWS\system32\drivers\AsUpIO.sys [19. 10. 2011 15:26:31 11448]
S1 mwlPSDFilter;mwlPSDFilter;C:\WINDOWS\system32\drivers\mwlPSDFilter.sys [8. 4. 2012 15:53:45 18024]
S1 mwlPSDNServ;mwlPSDNServ;C:\WINDOWS\system32\drivers\mwlPSDNserv.sys [8. 4. 2012 15:53:45 15208]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\WINDOWS\system32\drivers\mwlPSDVDisk.sys [8. 4. 2012 15:53:45 60800]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25:48 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41:30 67656]
S2 AsSysCtrlService;ASUS System Control Service;C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [19. 10. 2011 8:34:43 96896]
S2 BCUService;Browser Configuration Utility Service;C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [5. 3. 2010 10:15:12 235752]
S2 BT848;Bt878, WDM Video Capture;C:\WINDOWS\system32\drivers\bt848.sys [19. 10. 2011 12:12:21 204728]
S2 BTTUNER;BtTuner, WDM TvTuner;C:\WINDOWS\system32\drivers\Bttuner.sys [19. 10. 2011 12:12:21 8312]
S2 BTXBAR;BtXBar, WDM Crossbar;C:\WINDOWS\system32\drivers\Btxbar.sys [19. 10. 2011 12:12:21 12600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16:28 130384]
S2 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [22. 7. 2011 13:46:28 173424]
S2 FileOpenManagerSvc;FileOpenManagerSvc;C:\Documents and Settings\All Users\Data aplikací\FileOpen\Services\FileOpenManagerSvc32.exe [18. 4. 2011 20:25:32 211840]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [5. 1. 2012 14:58:10 136176]
S2 KaraokeService;VIA Karaoke digital mixer Service;C:\WINDOWS\system32\KaraokeSer.exe [20. 10. 2011 9:14:40 88688]
S2 npf;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [16. 7. 2010 2:45:44 35088]
S2 PCSUService;PC Speed Up Service;C:\Program Files\Zrychleni Pocitace\PCSUService.exe [2. 2. 2012 13:38:48 267488]
S2 Printer Control;Printer Control;C:\WINDOWS\system32\PrintCtrl.exe [20. 10. 2011 10:33:56 65536]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe --> C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [?]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [28. 4. 2012 22:42:17 1185704]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [14. 10. 2011 17:37:12 1479488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [30. 3. 2012 6:33:02 253088]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\WINDOWS\system32\drivers\ssadadb.sys [19. 2. 2012 0:02:18 30312]
S3 CFcatchme;CFcatchme;\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\CFcatchme.sys --> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\CFcatchme.sys [?]
S3 clwvd;CyberLink WebCam Virtual Driver;C:\WINDOWS\system32\DRIVERS\clwvd.sys --> C:\WINDOWS\system32\DRIVERS\clwvd.sys [?]
S3 GSService;GSService;C:\WINDOWS\system32\GSService.exe [17. 11. 2011 19:11:41 249856]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [5. 1. 2012 14:58:10 136176]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;C:\WINDOWS\system32\drivers\nmwcdnsu.sys [15. 11. 2011 1:08:41 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic;C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [15. 11. 2011 1:08:42 8576]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9. 1. 2010 22:37:50 4640000]
S3 Revoflt;Revoflt;C:\WINDOWS\system32\drivers\revoflt.sys [19. 10. 2011 16:58:15 27064]
S3 rkhdrv40;Rootkit Unhooker Driver; [x]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\WINDOWS\system32\drivers\ssadbus.sys [19. 2. 2012 0:02:17 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\WINDOWS\system32\drivers\ssadmdfl.sys [19. 2. 2012 0:02:18 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\WINDOWS\system32\drivers\ssadmdm.sys [19. 2. 2012 0:02:18 136808]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [13. 10. 2011 18:33:58 10064]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\WINDOWS\system32\drivers\viahduaa.sys [13. 1. 2011 17:34:06 2799728]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16:28 753504]
S3 XHASP;XHASP;C:\WINDOWS\system32\drivers\XHASP.sys [15. 1. 2012 22:26:22 259584]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - BTTUNER
*NewlyCreated* - BTXBAR

Obsah adresáře 'Naplánované úlohy'

2012-05-03 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 04:33:02 . 2012-04-29 17:57:06]

2012-05-06 C:\WINDOWS\Tasks\Auslogics BoostSpeed Integrator Start On JF Logon.job
- C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe [2012-04-22 07:23:35 . 2012-02-22 13:02:36]

2012-05-06 C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-04-28 20:42:17 . 2012-02-07 15:19:52]

2012-05-06 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-05 12:58:10 . 2012-01-05 12:58:04]

2012-05-05 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-05 12:58:10 . 2012-01-05 12:58:04]

2012-05-06 C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03:40 . 2012-03-26 15:03:40]

2012-05-06 C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-09-27 11:40:28 . 2011-09-27 11:40:28]

2012-04-27 C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-2049760794-725345543-1004.job
- C:\Program Files\Real\RealUpgrade\realupgrade.exe [2011-09-27 11:40:28 . 2011-09-27 11:40:28]

2012-04-28 C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-04-28 20:42:17 . 2012-02-07 15:19:04]

2012-04-28 C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2012-04-28 20:42:16 . 2012-02-07 15:19:30]


------- Doplňkový sken -------

uStart Page = hxxp://www.seznam.cz
IE: Add to Google Photos Screensa&ver - C:\WINDOWS\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
DPF: DirectAnimation Java Classes - file://C:\WINDOWS\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
AddRemove-Trojan Remover_is1 - C:\Program Files\Trojan Remover\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-06 15:47:55
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(244)
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
C:\WINDOWS\system32\Ati2evxx.dll

------------------------ Jiné spuštené procesy ------------------------

C:\Program Files\Microsoft Security Client\MsMpEng.exe

**************************************************************************

Celkový čas: 2012-05-06 15:54:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-06 13:54:08
ComboFix2.txt 2012-05-04 22:48:25
ComboFix3.txt 2012-04-30 19:45:03
ComboFix4.txt 2010-04-01 09:21:03
ComboFix5.txt 2012-05-06 13:18:01

Před spuštěním: Volných bajtů: 15 938 080 768
Po spuštění: Volných bajtů: 15 960 944 640

- - End Of File - - FE545ED092437BA61DACCB5F8C9CC366

Rudy
Site Admin
Posts: 119515
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check (probably wormBlaster?)

#7 Post by Rudy »

Everything has been deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

JAR
Visitor
Posts: 9
Joined: 05 May 2012 17:13

Re: Please check (probably wormBlaster?)

#8 Post by JAR »

Still the same (as I wrote last time): the message says restart in 59 seconds, with a countdown to the restart; safe mode works.

Rudy
Site Admin
Posts: 119515
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check (probably wormBlaster?)

#9 Post by Rudy »

Do you have all system updates installed?

JAR
Visitor
Posts: 9
Joined: 05 May 2012 17:13

Re: Please check (probably wormBlaster?)

#10 Post by JAR »

I should have; I have notifications set up and then I always run the installation.

JAR
Visitor
Posts: 9
Joined: 05 May 2012 17:13

Re: Please check (probably wormBlaster?)

#11 Post by JAR »

Now, on top of that, as soon as the Welcome screen appears, besides the Shutdown dialog a Windows logon prompt shows up as well; I think I'm going to lose it.... :)

Rudy
Site Admin
Posts: 119515
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check (probably wormBlaster?)

#12 Post by Rudy »

Run an AVPTool scan: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 and post the log. The scan can be run in safe mode.

JAR
Visitor
Posts: 9
Registered: 05 May 2012 17:13

Re: Please check (possibly wormBlaster?)

#13 Post by JAR »

After a short break (I was away from home)... I ran that Kaspersky; over the whole night it got through 2% of the 500 mega disk and showed 7 more days to go, so I gave up and arranged that we will do it on another PC in normal mode (we will move the disk over). I hope it will work that way; I'll get back to you then, O.K.?

Rudy
Site Admin
Posts: 119515
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check (possibly wormBlaster?)

#14 Post by Rudy »

OK.

JAR
Visitor
Posts: 9
Registered: 05 May 2012 17:13

Re: Please check (possibly wormBlaster?)

#15 Post by JAR »

SOLVED!
A friend, an "IT guy" by profession, swears by NOD32; it found quite a lot, but the restarts kept going.
In the end, at home, I did a repair of XP with the installation CD, it started up normally, then I installed Kaspersky KIS 2012, it went through the disk overnight and found the Trojans Win32.VBKrypt, also Dropper, Hoax.FlashApp and a lot of other smaller vermin...

Simply put, Kaspersky is a really great antivirus! I'll probably buy it; for now I have a 3-month license.

Thanks for the help, have a nice day
Jarda
