Taky Skype VIR

[matastol]

Dobrý den.
Přižel mi na skype od známého nějaký soubor (tohle je tvůj nový obrázek na profilu) a nějaký soubor rar) když jsem ho rozbalil a následně klikl tak se seklo PC a Malwarebytes Anti - Malware našel tohle?
Poradí někdo co s tím? Při tom Norton Internet Security nezaznamenal nic!



Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2012-10-07 17:29:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (31%) free of 19 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:29:51, on 7.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\G-VGA.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Documents and Settings\Martin\Local Settings\Data aplikací\Seznam.cz\bin\postak.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\RSIT\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: ˙ţ1
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VGAUtil] C:\WINDOWS\system32\G-VGA.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Freebie Notes] "C:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe"
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\Martin\Local Settings\Data aplikací\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Kodude] C:\Documents and Settings\Martin\Data aplikací\Kodude.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Page As PDF ... - file://C:\Program Files\Nitro PDF\PDF Download\nitroweb.htm
O9 - Extra button: (no name) - {96538116-AB8C-4879-9F21-BD2BFE22A414} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Enable/Disable PDF Download for this site - {96538116-AB8C-4879-9F21-BD2BFE22A414} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDF Download - {F1C0FD6C-A6A0-49a7-A932-71A56461867F} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7385830031
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} (WebCamX Control) - http://88.146.134.61:5550/WebCamX.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7907 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Defraggler Volume C Task.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, cs@dictionaries.addons.mozilla.org:1.0.2, drobbek@shabbi.cz:1.2.1, fastdial@telega.phpnet.us:3.4, foxmarks@kei.com:3.9.9, nelinka@shabbi.cz:1.3.4, noia2_option@kk.noia:3.76, {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8, {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.4, {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323, {AE37D527-6604-461c-8102-975CF8053A2F}:0.5.3.1, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.2, jqs@sun.com:1.0, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, activities@kaply.com:0.7.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default\extensions\
cs@dictionaries.addons.mozilla.org
foxmarks@kei.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{d4e0dc9c-c356-438e-afbe-dca439f4399d}

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll [2012-07-14 509408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL [2012-06-21 210400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-08-28 79856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll [2012-07-14 509408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"VGAUtil"=C:\WINDOWS\system32\G-VGA.exe [2003-10-08 544768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Freebie Notes"=C:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe [2012-01-15 5450928]
"Seznam Postak"=C:\Documents and Settings\Martin\Local Settings\Data aplikací\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Kodude"=C:\Documents and Settings\Martin\Data aplikací\Kodude.exe []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2003-09-12 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Instal-Samsung PC studio\Samsung\Samsung New PC Studio\npsasvr.exe"="D:\Instal-Samsung PC studio\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"D:\Instal-Samsung PC studio\Samsung\Samsung New PC Studio\npsvsvr.exe"="D:\Instal-Samsung PC studio\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"H:\uTorrent (portable)\uTorrentPortable\App\uTorrent\uTorrent.exe"="H:\uTorrent (portable)\uTorrentPortable\App\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"H:\PROGRAMY PORTABLE !!!\uTorrent\uTorrentPortable\App\uTorrent\uTorrent.exe"="H:\PROGRAMY PORTABLE !!!\uTorrent\uTorrentPortable\App\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Documents and Settings\Martin\Data aplikací\2YourFace\Updater.exe"="C:\Documents and Settings\Martin\Data aplikací\2YourFace\Updater.exe:*:Enabled:Updater for 2YourFace"
"H:\PROGRAMY PORTABLE !!!\uTorrent\App\uTorrent\uTorrent.exe"="H:\PROGRAMY PORTABLE !!!\uTorrent\App\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Hudba-mp3-Film\uTorrent-Portable\uTorrent\App\uTorrent\uTorrent.exe"="D:\Hudba-mp3-Film\uTorrent-Portable\uTorrent\App\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-10-07 16:57:50 ----A---- C:\Documents and Settings\Martin\Data aplikací\1.exe
2012-10-07 16:55:19 ----A---- C:\Documents and Settings\Martin\Data aplikací\A4.exe
2012-10-03 14:12:16 ----D---- C:\Documents and Settings\Martin\Data aplikací\vlc
2012-10-03 14:11:32 ----D---- C:\Program Files\VideoLAN
2012-10-01 17:43:23 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer
2012-10-01 17:19:55 ----D---- C:\Program Files\VS Revo Group
2012-10-01 14:24:21 ----D---- C:\Program Files\ESET
2012-09-11 20:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-09-09 14:59:13 ----RA---- C:\WINDOWS\system32\drivers\SymIM.sys
2012-09-09 14:45:16 ----D---- C:\Program Files\Symantec
2012-09-09 14:45:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-09-09 14:45:16 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2012-09-09 14:45:16 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2012-09-09 14:44:46 ----D---- C:\WINDOWS\system32\drivers\NIS
2012-09-09 14:44:43 ----D---- C:\Program Files\Norton Internet Security
2012-09-09 14:44:35 ----D---- C:\Program Files\NortonInstaller
2012-09-08 22:11:35 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2012-10-07 17:29:49 ----D---- C:\Program Files\trend micro
2012-10-07 17:29:36 ----D---- C:\WINDOWS\system32\drivers
2012-10-07 17:12:24 ----D---- C:\WINDOWS
2012-10-07 17:05:11 ----D---- C:\WINDOWS\Temp
2012-10-07 16:55:47 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2012-10-07 16:43:28 ----D---- C:\Documents and Settings\Martin\Data aplikací\AIMP3
2012-10-07 16:42:27 ----D---- C:\Documents and Settings\Martin\Data aplikací\Audacity
2012-10-07 08:58:00 ----SHD---- C:\System Volume Information
2012-10-06 20:07:31 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-10-04 20:14:34 ----RD---- C:\Program Files
2012-10-04 20:00:59 ----D---- C:\Documents and Settings\Martin\Data aplikací\Applian FLV and Media Player
2012-10-04 15:04:38 ----D---- C:\WINDOWS\system32
2012-10-03 20:41:51 ----D---- C:\Program Files\Opera
2012-10-03 19:50:03 ----D---- C:\WINDOWS\system32\Restore
2012-10-02 22:45:44 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-02 22:39:53 ----D---- C:\Program Files\Speccy
2012-10-01 18:06:15 ----D---- C:\WINDOWS\SoftwareDistribution
2012-10-01 16:58:50 ----HD---- C:\WINDOWS\inf
2012-10-01 16:41:36 ----D---- C:\Program Files\EasyPhotoUploader
2012-10-01 14:24:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-09-30 21:51:33 ----A---- C:\WINDOWS\cdplayer.ini
2012-09-29 20:01:44 ----D---- C:\Program Files\Winamp
2012-09-29 20:01:40 ----A---- C:\WINDOWS\winamp.ini
2012-09-29 19:47:39 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer PRO
2012-09-29 15:33:33 ----D---- C:\Program Files\AnvSoft
2012-09-29 10:56:39 ----D---- C:\WINDOWS\Minidump
2012-09-29 10:15:40 ----A---- C:\WINDOWS\wincmd.ini
2012-09-29 09:07:20 ----D---- C:\WINDOWS\Resources
2012-09-27 15:16:49 ----D---- C:\Program Files\CCleaner
2012-09-27 15:09:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-09-23 11:56:25 ----D---- C:\Documents and Settings\Martin\Data aplikací\esmska
2012-09-22 18:37:23 ----A---- C:\WINDOWS\NeroDigital.ini
2012-09-22 08:51:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-09-22 08:51:33 ----D---- C:\Program Files\Internet Explorer
2012-09-22 08:51:06 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-15 13:08:21 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2012-09-13 13:42:47 ----A---- C:\WINDOWS\cdrLabel.ini
2012-09-11 20:11:43 ----D---- C:\WINDOWS\Debug
2012-09-11 20:07:22 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-11 20:07:16 ----SHD---- C:\WINDOWS\Installer
2012-09-11 20:07:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-09-10 21:21:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-09-10 21:21:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-09-09 14:45:16 ----D---- C:\Program Files\Common Files
2012-09-09 14:44:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2012-09-09 14:44:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2012-09-09 08:13:07 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2012-02-11 166976]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-10 716272]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NIS\1308000.00E\SYMDS.SYS [2011-07-25 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NIS\1308000.00E\SYMEFA.SYS [2012-05-22 924320]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-26 26880]
R0 viasraid;viasraid; C:\WINDOWS\system32\drivers\viasraid.sys [2003-06-12 75904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001\BHDrvx86.sys []
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\WINDOWS\system32\drivers\NIS\1308000.00E\ccSetx86.sys [2012-06-07 132768]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1308000.00E\SRTSPX.SYS [2012-07-06 32928]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1308000.00E\Ironx86.SYS [2012-04-18 149624]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1308000.00E\SYMTDI.SYS [2012-04-18 388216]
R2 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2003-09-30 22880]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-15 462684]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2003-09-12 611328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121005.002\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121006.007\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121006.007\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rtl8139;Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2001-08-23 25434]
R3 Safetica;Safetica Encryption Driver; C:\WINDOWS\system32\DRIVERS\safetica.sys [2010-08-03 268760]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1308000.00E\SRTSP.SYS [2012-07-06 574112]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2012-04-18 44024]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 networx;networx; C:\WINDOWS\system32\drivers\networx.sys []
S3 aye66rh3;aye66rh3; C:\WINDOWS\system32\drivers\aye66rh3.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Instal - MediaCoder\SysInfo.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 PROCEXP151;PROCEXP151; \??\C:\WINDOWS\system32\Drivers\PROCEXP151.SYS []
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2012-04-18 44024]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2003-09-12 376832]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-08-28 153584]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2012-07-25 681056]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-10-28 2156952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-09-12 114688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-26 250568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Zdravím!
To, co nalezl MBAM, smažte. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[matastol]

OK jdu na to.

[matastol]

Tak tady to je ?

ComboFix 12-10-04.02 - Martin 07.10.2012 17:50:33.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.489 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Martin\WINDOWS
c:\windows\system32\SET44.tmp
c:\windows\system32\SET4A.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-07 do 2012-10-07 )))))))))))))))))))))))))))))))
.
.
2012-10-03 12:12 . 2012-10-07 11:51 -------- d-----w- c:\documents and settings\Martin\Data aplikací\vlc
2012-10-03 12:11 . 2012-10-03 12:11 -------- d-----w- c:\program files\VideoLAN
2012-10-01 15:43 . 2012-10-01 15:55 -------- d-----w- c:\documents and settings\Martin\Data aplikací\BSplayer
2012-10-01 15:19 . 2012-10-01 15:19 -------- d-----w- c:\program files\VS Revo Group
2012-10-01 14:58 . 2012-10-01 14:58 -------- d-----w- c:\documents and settings\Martin\Local Settings\Data aplikací\VS Revo Group
2012-10-01 12:24 . 2012-10-01 12:24 -------- d-----w- c:\program files\ESET
2012-09-09 12:59 . 2012-04-18 02:13 44024 ----a-r- c:\windows\system32\drivers\SymIM.sys
2012-09-09 12:45 . 2012-09-09 13:04 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-09-09 12:45 . 2012-09-09 13:04 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-09-09 12:45 . 2012-09-09 13:04 -------- d-----w- c:\program files\Symantec
2012-09-09 12:45 . 2012-09-09 12:59 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-09-09 12:44 . 2012-10-02 17:52 -------- d-----w- c:\windows\system32\drivers\NIS
2012-09-09 12:44 . 2012-09-09 12:44 -------- d-----w- c:\program files\Norton Internet Security
2012-09-09 12:44 . 2012-09-09 12:44 -------- d-----w- c:\program files\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 15:04 . 2012-01-31 18:49 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-28 18:24 . 2012-06-25 17:55 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-28 18:24 . 2010-04-20 17:44 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-28 16:39 . 2012-06-25 17:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:18 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-26 12:37 . 2012-04-11 13:38 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-26 12:37 . 2011-05-16 14:34 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-08 20:11 . 2012-09-08 20:11 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Freebie Notes"="c:\program files\Power Soft\Freebie Notes\FreebieNotes.exe" [2012-01-15 5450928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 335872]
"VGAUtil"="c:\windows\system32\G-VGA.exe" [2003-10-08 544768]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2010-4-9 561152]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Hudba-mp3-Film\\uTorrent-Portable\\uTorrent\\App\\uTorrent\\uTorrent.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.4.2010 8:19 716272]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1308000.00E\symds.sys [9.9.2012 15:03 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1308000.00E\symefa.sys [9.9.2012 15:03 924320]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [7.9.2006 21:41 75904]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001\BHDrvx86.sys [1.10.2012 18:49 995488]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1308000.00E\ccsetx86.sys [9.9.2012 15:03 132768]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1308000.00E\ironx86.sys [9.9.2012 15:03 149624]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe [9.9.2012 15:03 138272]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [6.10.2011 18:27 140848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [25.7.2012 10:46 681056]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [28.10.2010 20:31 2156952]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [29.9.2012 7:54 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121005.002\IDSXpx86.sys [6.10.2012 9:17 373728]
R3 Safetica;Safetica Encryption Driver;c:\windows\system32\drivers\safetica.sys [3.8.2010 11:32 268760]
S1 networx;networx;c:\windows\system32\drivers\networx.sys --> c:\windows\system32\drivers\networx.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7.6.2012 19:12 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11.4.2012 15:38 250568]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [10.4.2010 12:03 36608]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [30.4.2012 20:42 114144]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1.9.2010 10:30 15544]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [25.7.2012 10:46 1326176]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [10.4.2010 12:06 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [10.4.2010 12:06 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [10.4.2010 12:06 121856]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 12:37]
.
2012-10-07 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2012-06-06 13:14]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Save Page As PDF ... - file://c:\program files\Nitro PDF\PDF Download\nitroweb.htm
TCP: DhcpNameServer = 192.168.2.1
DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} - hxxp://88.146.134.61:5550/WebCamX.cab
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-07 17:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
Binary file raw_enum.dat matches
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-10-07 17:58:59
ComboFix-quarantined-files.txt 2012-10-07 15:58
.
Před spuštěním: 6 138 757 120
Po spuštění: 6 103 486 464
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - D1963B397EF3544D9EFC62A3AB8EF7EC

[matastol]

Tohle se objevilo v nabídce start, mám to smazat?

[Rudy]

Tu položku ve startu smažte. Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[matastol]

Tak tady je log:

ComboFix 12-10-04.02 - Martin 07.10.2012 18:59:09.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.501 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin\Plocha\CFScript.txt..txt
AV: Norton Internet Security *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-07 do 2012-10-07 )))))))))))))))))))))))))))))))
.
.
2012-10-03 12:12 . 2012-10-07 11:51 -------- d-----w- c:\documents and settings\Martin\Data aplikací\vlc
2012-10-03 12:11 . 2012-10-03 12:11 -------- d-----w- c:\program files\VideoLAN
2012-10-01 15:43 . 2012-10-01 15:55 -------- d-----w- c:\documents and settings\Martin\Data aplikací\BSplayer
2012-10-01 15:19 . 2012-10-01 15:19 -------- d-----w- c:\program files\VS Revo Group
2012-10-01 14:58 . 2012-10-01 14:58 -------- d-----w- c:\documents and settings\Martin\Local Settings\Data aplikací\VS Revo Group
2012-10-01 12:24 . 2012-10-01 12:24 -------- d-----w- c:\program files\ESET
2012-09-09 12:59 . 2012-04-18 02:13 44024 ----a-r- c:\windows\system32\drivers\SymIM.sys
2012-09-09 12:45 . 2012-09-09 13:04 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-09-09 12:45 . 2012-09-09 13:04 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-09-09 12:45 . 2012-09-09 13:04 -------- d-----w- c:\program files\Symantec
2012-09-09 12:45 . 2012-09-09 12:59 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-09-09 12:44 . 2012-10-02 17:52 -------- d-----w- c:\windows\system32\drivers\NIS
2012-09-09 12:44 . 2012-09-09 12:44 -------- d-----w- c:\program files\Norton Internet Security
2012-09-09 12:44 . 2012-09-09 12:44 -------- d-----w- c:\program files\NortonInstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-07 15:04 . 2012-01-31 18:49 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-28 18:24 . 2012-06-25 17:55 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-28 18:24 . 2010-04-20 17:44 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-28 16:39 . 2012-06-25 17:55 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:18 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-08-26 12:37 . 2012-04-11 13:38 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-26 12:37 . 2011-05-16 14:34 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-08 20:11 . 2012-09-08 20:11 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Freebie Notes"="c:\program files\Power Soft\Freebie Notes\FreebieNotes.exe" [2012-01-15 5450928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 172032]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-09-12 335872]
"VGAUtil"="c:\windows\system32\G-VGA.exe" [2003-10-08 544768]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2010-4-9 561152]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Hudba-mp3-Film\\uTorrent-Portable\\uTorrent\\App\\uTorrent\\uTorrent.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.4.2010 8:19 716272]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1308000.00E\symds.sys [9.9.2012 15:03 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1308000.00E\symefa.sys [9.9.2012 15:03 924320]
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [7.9.2006 21:41 75904]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001\BHDrvx86.sys [1.10.2012 18:49 995488]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1308000.00E\ccsetx86.sys [9.9.2012 15:03 132768]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1308000.00E\ironx86.sys [9.9.2012 15:03 149624]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.8.0.14\ccsvchst.exe [9.9.2012 15:03 138272]
R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [6.10.2011 18:27 140848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [25.7.2012 10:46 681056]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis;c:\program files\Acronis\DiskDirector\OSS\reinstall_svc.exe [28.10.2010 20:31 2156952]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [29.9.2012 7:54 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121005.002\IDSXpx86.sys [6.10.2012 9:17 373728]
R3 Safetica;Safetica Encryption Driver;c:\windows\system32\drivers\safetica.sys [3.8.2010 11:32 268760]
S1 networx;networx;c:\windows\system32\drivers\networx.sys --> c:\windows\system32\drivers\networx.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7.6.2012 19:12 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11.4.2012 15:38 250568]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [10.4.2010 12:03 36608]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [30.4.2012 20:42 114144]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [1.9.2010 10:30 15544]
S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [25.7.2012 10:46 1326176]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [10.4.2010 12:06 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [10.4.2010 12:06 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [10.4.2010 12:06 121856]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 12:37]
.
2012-10-07 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2012-06-06 13:14]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Save Page As PDF ... - file://c:\program files\Nitro PDF\PDF Download\nitroweb.htm
TCP: DhcpNameServer = 192.168.2.1
DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} - hxxp://88.146.134.61:5550/WebCamX.cab
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-07 19:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
Binary file raw_enum.dat matches
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(836)
c:\windows\system32\sxs.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2988)
c:\program files\RocketDock\RocketDock.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-10-07 19:10:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-07 17:10
ComboFix2.txt 2012-10-07 15:59
.
Před spuštěním: 6 129 065 984
Po spuštění: 6 109 286 400
.
- - End Of File - - 92098549E6BB6137D0DEDB69BBEEE62C

[matastol]

Ještě jsem se chtěl zeptat pokud bude všechno OK, můžu skype bez problémů používat není nutné skype třeba přeinstalovat? Děkuji.

[Rudy]

Log již vypadá OK. U skype jen smažte cache.

[matastol]

- Ty cache mám smazat jak?
- OK, děkuji za spolupráci a za pomoc. Rád by jsem ComboFix odinstaloval ona ta ikona programu na ploše je vyzývavá PC používá i dcera nerad by jsem aby ze zvědavosti došlo k zpuštění ComboFixu. Můžu postupovat podle tohoto návodu?

Kód: Vybrat vše

http://forum.viry.cz/viewtopic.php?p=1151119#p1151119

Děkuji

[Rudy]

1. Nástroje>nastavení>soukromí. Smazat historii a cookies.
2. K vyčištění použijte T-Cleaner: http://www.uloz.to/xGq1Wbe/t-cleaner-exe .

[matastol]

OK, provedeno pro jistotu ještě kontrolní log po vyčištění z RSIT.
Za všechny Vaše rady a hlavně za Váš čas mooooc děkuji, měj Te se.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2012-10-07 19:53:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (32%) free of 19 GB
Total RAM: 1023 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:53:08, on 7.10.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\G-VGA.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\RSIT\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [VGAUtil] C:\WINDOWS\system32\G-VGA.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Freebie Notes] "C:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Page As PDF ... - file://C:\Program Files\Nitro PDF\PDF Download\nitroweb.htm
O9 - Extra button: (no name) - {96538116-AB8C-4879-9F21-BD2BFE22A414} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Enable/Disable PDF Download for this site - {96538116-AB8C-4879-9F21-BD2BFE22A414} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PDF Download - Options - {AD9E6088-E00B-42f9-9F0C-8480525D234E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDF Download - {F1C0FD6C-A6A0-49a7-A932-71A56461867F} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7385830031
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} (WebCamX Control) - http://88.146.134.61:5550/WebCamX.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7358 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Defraggler Volume C Task.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, cs@dictionaries.addons.mozilla.org:1.0.2, drobbek@shabbi.cz:1.2.1, fastdial@telega.phpnet.us:3.4, foxmarks@kei.com:3.9.9, nelinka@shabbi.cz:1.3.4, noia2_option@kk.noia:3.76, {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8, {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.4, {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5.6, {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323, {AE37D527-6604-461c-8102-975CF8053A2F}:0.5.3.1, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.2, jqs@sun.com:1.0, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.2, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.12, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, activities@kaply.com:0.7.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.265 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default\extensions\
cs@dictionaries.addons.mozilla.org
foxmarks@kei.com
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{d4e0dc9c-c356-438e-afbe-dca439f4399d}

C:\Documents and Settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\cmy38d6f.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll [2012-07-14 509408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL [2012-06-21 210400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-08-28 79856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll [2012-07-14 509408]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-09-12 335872]
"VGAUtil"=C:\WINDOWS\system32\G-VGA.exe [2003-10-08 544768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Freebie Notes"=C:\Program Files\Power Soft\Freebie Notes\FreebieNotes.exe [2012-01-15 5450928]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
VIA RAID TOOL.lnk - C:\Program Files\VIA\RAID\raid_tool.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2003-09-12 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Hudba-mp3-Film\uTorrent-Portable\uTorrent\App\uTorrent\uTorrent.exe"="D:\Hudba-mp3-Film\uTorrent-Portable\uTorrent\App\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-10-07 19:52:21 ----D---- C:\RSIT
2012-10-07 19:40:29 ----SHD---- C:\RECYCLER
2012-10-07 17:48:29 ----RASHD---- C:\cmdcons
2012-10-03 14:12:16 ----D---- C:\Documents and Settings\Martin\Data aplikací\vlc
2012-10-03 14:11:32 ----D---- C:\Program Files\VideoLAN
2012-10-01 17:43:23 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer
2012-10-01 17:19:55 ----D---- C:\Program Files\VS Revo Group
2012-10-01 14:24:21 ----D---- C:\Program Files\ESET
2012-09-11 20:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2012-09-09 14:59:13 ----RA---- C:\WINDOWS\system32\drivers\SymIM.sys
2012-09-09 14:45:16 ----D---- C:\Program Files\Symantec
2012-09-09 14:45:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2012-09-09 14:45:16 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2012-09-09 14:45:16 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2012-09-09 14:44:46 ----D---- C:\WINDOWS\system32\drivers\NIS
2012-09-09 14:44:43 ----D---- C:\Program Files\Norton Internet Security
2012-09-09 14:44:35 ----D---- C:\Program Files\NortonInstaller
2012-09-08 22:11:35 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2012-10-07 19:53:08 ----D---- C:\Program Files\trend micro
2012-10-07 19:52:57 ----D---- C:\WINDOWS\Temp
2012-10-07 19:49:22 ----SHD---- C:\System Volume Information
2012-10-07 19:48:24 ----D---- C:\WINDOWS\SoftwareDistribution
2012-10-07 19:48:10 ----D---- C:\WINDOWS
2012-10-07 19:46:23 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-10-07 19:45:56 ----D---- C:\WINDOWS\Prefetch
2012-10-07 19:42:59 ----D---- C:\WINDOWS\system32\Restore
2012-10-07 19:34:53 ----D---- C:\Documents and Settings\Martin\Data aplikací\Skype
2012-10-07 19:10:43 ----D---- C:\WINDOWS\system32\drivers
2012-10-07 19:07:38 ----A---- C:\WINDOWS\system.ini
2012-10-07 19:07:13 ----D---- C:\WINDOWS\system32\drivers\etc
2012-10-07 19:02:22 ----D---- C:\WINDOWS\system32
2012-10-07 19:02:22 ----D---- C:\WINDOWS\AppPatch
2012-10-07 19:02:19 ----D---- C:\Program Files\Common Files
2012-10-07 17:49:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-10-07 17:48:33 ----RASH---- C:\boot.ini
2012-10-07 17:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2012-10-07 16:43:28 ----D---- C:\Documents and Settings\Martin\Data aplikací\AIMP3
2012-10-07 16:42:27 ----D---- C:\Documents and Settings\Martin\Data aplikací\Audacity
2012-10-04 20:14:34 ----RD---- C:\Program Files
2012-10-04 20:00:59 ----D---- C:\Documents and Settings\Martin\Data aplikací\Applian FLV and Media Player
2012-10-03 20:41:51 ----D---- C:\Program Files\Opera
2012-10-02 22:39:53 ----D---- C:\Program Files\Speccy
2012-10-01 16:58:50 ----HD---- C:\WINDOWS\inf
2012-10-01 16:41:36 ----D---- C:\Program Files\EasyPhotoUploader
2012-10-01 14:24:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-09-30 21:51:33 ----A---- C:\WINDOWS\cdplayer.ini
2012-09-29 20:01:44 ----D---- C:\Program Files\Winamp
2012-09-29 20:01:40 ----A---- C:\WINDOWS\winamp.ini
2012-09-29 19:47:39 ----D---- C:\Documents and Settings\Martin\Data aplikací\BSplayer PRO
2012-09-29 15:33:33 ----D---- C:\Program Files\AnvSoft
2012-09-29 10:56:39 ----D---- C:\WINDOWS\Minidump
2012-09-29 10:15:40 ----A---- C:\WINDOWS\wincmd.ini
2012-09-29 09:07:20 ----D---- C:\WINDOWS\Resources
2012-09-27 15:16:49 ----D---- C:\Program Files\CCleaner
2012-09-27 15:09:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-09-23 11:56:25 ----D---- C:\Documents and Settings\Martin\Data aplikací\esmska
2012-09-22 18:37:23 ----A---- C:\WINDOWS\NeroDigital.ini
2012-09-22 08:51:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-09-22 08:51:33 ----D---- C:\Program Files\Internet Explorer
2012-09-22 08:51:06 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-15 13:08:21 ----SD---- C:\Documents and Settings\Martin\Data aplikací\Microsoft
2012-09-13 13:42:47 ----A---- C:\WINDOWS\cdrLabel.ini
2012-09-11 20:11:43 ----D---- C:\WINDOWS\Debug
2012-09-11 20:07:22 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-11 20:07:16 ----SHD---- C:\WINDOWS\Installer
2012-09-11 20:07:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-09-10 21:21:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-09-10 21:21:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-09-09 14:44:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2012-09-09 14:44:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2012-09-09 08:13:07 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2012-02-11 166976]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-10 716272]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NIS\1308000.00E\SYMDS.SYS [2011-07-25 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NIS\1308000.00E\SYMEFA.SYS [2012-05-22 924320]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2002-12-26 26880]
R0 viasraid;viasraid; C:\WINDOWS\system32\drivers\viasraid.sys [2003-06-12 75904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001\BHDrvx86.sys []
R1 ccSet_NIS;Norton Internet Security Settings Manager; C:\WINDOWS\system32\drivers\NIS\1308000.00E\ccSetx86.sys [2012-06-07 132768]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1308000.00E\SRTSPX.SYS [2012-07-06 32928]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1308000.00E\Ironx86.SYS [2012-04-18 149624]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1308000.00E\SYMTDI.SYS [2012-04-18 388216]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2003-09-30 22880]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-15 462684]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2003-09-12 611328]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121005.002\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121006.007\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121006.007\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rtl8139;Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2001-08-23 25434]
R3 Safetica;Safetica Encryption Driver; C:\WINDOWS\system32\DRIVERS\safetica.sys [2010-08-03 268760]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1308000.00E\SRTSP.SYS [2012-07-06 574112]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2012-04-18 44024]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 networx;networx; C:\WINDOWS\system32\drivers\networx.sys []
S3 amp0cex9;amp0cex9; C:\WINDOWS\system32\drivers\amp0cex9.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Instal - MediaCoder\SysInfo.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 PROCEXP151;PROCEXP151; \??\C:\WINDOWS\system32\Drivers\PROCEXP151.SYS []
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2012-04-18 44024]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2003-09-12 376832]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-08-28 153584]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2012-07-25 681056]
R2 Správce výběru OS;Aktivátor Správce výběru OS Acronis; C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe [2010-10-28 2156952]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-09-12 114688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-26 250568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-08 114144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Rudy]

Log již vypadá čistý. Nemáte zač a zamykám!