Prosím o kontrolu logu

[byczech]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel2 at 2012-12-15 01:20:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 14 GB (12%) free of 120 GB
Total RAM: 3058 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:20:42, on 15.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
D:\Program Files\Java\jre7\bin\jqs.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RunDLL32.exe
D:\PROGRAM FILES\WESTERN DIGITAL TECHNOLOGIES\SPINDOWN\EXSPINDN.EXE
D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\RocketDock\RocketDock.exe
D:\Program Files\D-Link AirPlus\AirPlus.exe
D:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\WINDOWS\explorer.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Plocha\RSIT.exe
D:\Program Files\trend micro\Pavel2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WD Spindown Utility] "D:\PROGRAM FILES\WESTERN DIGITAL TECHNOLOGIES\SPINDOWN\EXSPINDN.EXE"
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-21-1935655697-746137067-682003330-1006\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: D-Link AirPlus.lnk = ?
O4 - Global Startup: forteManager.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - D:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - D:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout Star Downloaderem - D:\PROGRA~1\STARDO~1\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - D:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5932919739
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2842202984
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MX-3 B-Cup XP (Mx-3 B-Cup Service) - n.v.t. MX-3 - D:\WINDOWS\system32\Mx-3 B-Cup Service.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ProtexisLicensing - Unknown owner - D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - D:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 11902 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Adobe Flash Player Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-746137067-682003330-1003Core1cc90164ada5b6a.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-746137067-682003330-1003UA.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{50987921-B039-49AD-8EE9-68F23EE5EBDF}.job

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default

prefs.js - "browser.startup.homepage" - "http://webmail.forpsi.com/index.html"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60, {AA052FD6-366A-4771-A591-0D8DC551585D}:1.1.20, {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.2.2, piclens@cooliris.com:1.12.2.44026, cs@dictionaries.addons.mozilla.org:1.0.2, {B6533577-46BD-4520-9FF8-F0513A30C2A3}:1.1, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.4.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, ramback@pavlov.net:1.0, ranky@ranky.cz:0.2, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1, seo4firefox@seobook.com:3.4.2, {350d7dcc-3edb-11da-94f5-00e08161165f}:2.0.7, statusbuttons@clav.mozdev.org:3.0, {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0, {2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}:1.2.5.1, {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5, {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3, {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3, cache@status.org:0.7.9, {A4732521-77D9-447E-A557-B279AC923F06}:0.6.8, {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "chrome://browser-region/locale/region.properties"

"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=D:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=D:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=D:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=D:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=D:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npCortona.xpt
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

D:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npCortona.dll
npigl.dll
npigl.xpt
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
nprpjplug.dll
npstar.dll
npUpload.xpt
npyaxmpb.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\extensions\
cs@dictionaries.addons.mozilla.org
piclens@cooliris.com
ramback@pavlov.net
ranky@ranky.cz
statusbuttons@clav.mozdev.org
temp
{03B08592-E5B4-45ff-A0BE-C1D975458688}
{03B08592-E5B4-45ff-A0BE-C1D975458688}(2)
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}(2)
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
{20a82645-c095-46ed-80e3-08825760534b}
{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}(2)
{350d7dcc-3edb-11da-94f5-00e08161165f}
{3cd27e92-1a30-11da-94c6-00e08161165f}
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{89506680-e3f4-484c-a2c0-ed711d481eda}(2)
{95f24680-9e31-11da-a746-0800200c9a66}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}(2)
{ada4b710-8346-4b82-8199-5de2b400a6ae}(2)
{B6533577-46BD-4520-9FF8-F0513A30C2A3}
{c45c406e-ab73-11d8-be73-000a95be3b12}
{dd69bf83-72cf-4207-bb6d-5c91376af17e}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{e968fc70-8f95-4ab9-9e79-304de2a71ee1}

D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\searchplugins\
bing.xml
filezcom.xml
torrent-finder.xml
userlogos.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2010-11-16 19722344]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2011-08-03 13892200]
"WD Spindown Utility"=D:\PROGRAM FILES\WESTERN DIGITAL TECHNOLOGIES\SPINDOWN\EXSPINDN.EXE [2004-08-09 278528]
"HP Software Update"=D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"egui"=D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-10-23 5074384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-05-23 133104]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=D:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"TomTomHOME.exe"=D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-08-28 247768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
d:\program files\adobe\reader 9.0\reader\reader_sl.exe [2011-09-07 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
d:\program files\nvidia corporation\nview\nwiz.exe [2011-07-05 1632360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
d:\program files\rocketdock\rocketdock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunMMD]
D:\Program Files\Mio\MMD2\RunMMD.exe [2010-05-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
D:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2012-05-31 445624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
d:\program files\tomtom home 2\tomtomhomerunner.exe [2012-08-28 247768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Spindown Utility]
d:\program files\western digital technologies\spindown\exspindn.exe [2004-08-09 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Pavel2^Nabídka Start^Programy^Po spuštění^Landi 11.lnk]
D:\PROGRA~1\LANDI1~1\Landi11.exe [2011-01-26 2691072]

D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
D-Link AirPlus.lnk - D:\Program Files\D-Link AirPlus\AirPlus.exe
forteManager.lnk - D:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

D:\Documents and Settings\Pavel2\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=D:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=383
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoFind"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe"="D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"D:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="D:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Siber Systems\GoodSync\GoodSync.exe"="D:\Program Files\Siber Systems\GoodSync\GoodSync.exe:*:Enabled:GoodSync"
"D:\Program Files\Siber Systems\GoodSync\GsExplorer.exe"="D:\Program Files\Siber Systems\GoodSync\GsExplorer.exe:*:Enabled:GoodSync Explorer"
"D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe"="D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe:*:Enabled:GoodSync Server"
"D:\Documents and Settings\Pavel2\Local Settings\temp\7zS8F.tmp\SymNRT.exe"="D:\Documents and Settings\Pavel2\Local Settings\temp\7zS8F.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.yv12"=yv12vfw.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"VIDC.FMVC"=fmcodec.dll
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-12-15 01:20:34 ----D---- D:\rsit
2012-12-12 20:19:12 ----HDC---- D:\WINDOWS\$NtUninstallKB2758857$
2012-12-12 20:19:05 ----HDC---- D:\WINDOWS\$NtUninstallKB2779030$
2012-12-12 20:19:00 ----HDC---- D:\WINDOWS\$NtUninstallKB2779562$
2012-12-12 20:18:11 ----HDC---- D:\WINDOWS\$NtUninstallKB2753842$
2012-12-12 20:18:05 ----HDC---- D:\WINDOWS\$NtUninstallKB2770660$
2012-11-20 17:57:40 ----D---- D:\Program Files\Mozilla Thunderbird

======List of files/folders modified in the last 1 month======

2012-12-15 01:20:34 ----D---- D:\Program Files\trend micro
2012-12-15 01:18:08 ----D---- D:\WINDOWS\Temp
2012-12-14 20:03:49 ----D---- D:\WINDOWS\system32
2012-12-14 19:18:33 ----D---- D:\Documents and Settings\Pavel2\Data aplikací\Dropbox
2012-12-14 19:17:03 ----D---- D:\WINDOWS\Prefetch
2012-12-14 19:16:21 ----A---- D:\WINDOWS\system32\log.txt
2012-12-13 19:04:46 ----D---- D:\WINDOWS
2012-12-13 00:13:15 ----D---- D:\WINDOWS\system32\CatRoot2
2012-12-12 20:19:59 ----SHD---- D:\WINDOWS\Installer
2012-12-12 20:19:59 ----D---- D:\Config.Msi
2012-12-12 20:19:16 ----HD---- D:\WINDOWS\inf
2012-12-12 20:19:14 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-12-12 20:19:08 ----A---- D:\WINDOWS\imsins.BAK
2012-12-12 20:17:44 ----D---- D:\Program Files\Internet Explorer
2012-12-12 20:17:18 ----HD---- D:\WINDOWS\$hf_mig$
2012-12-12 20:15:28 ----A---- D:\WINDOWS\system32\MRT.exe
2012-12-11 21:51:10 ----D---- D:\Documents and Settings\All Users\Data aplikací\Watermark Factory
2012-12-11 21:46:47 ----A---- D:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-09 13:08:35 ----D---- D:\WINDOWS\system32\drivers
2012-12-08 20:05:09 ----D---- D:\WINDOWS\Cursors
2012-12-08 19:53:47 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2012-12-06 11:01:00 ----A---- D:\WINDOWS\NeroDigital.ini
2012-12-01 14:13:26 ----D---- D:\Documents and Settings\Pavel2\Data aplikací\MediaMonkey
2012-12-01 09:40:31 ----SD---- D:\WINDOWS\Tasks
2012-12-01 09:40:31 ----D---- D:\Program Files\Google
2012-11-22 23:29:05 ----D---- D:\Documents and Settings\Pavel2\Data aplikací\FileZilla
2012-11-20 17:57:59 ----D---- D:\Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xx;mv61xx; D:\WINDOWS\system32\DRIVERS\mv61xx.sys [2010-10-06 156200]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; D:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-01-11 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-01-11 27576]
R1 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2012-10-08 159832]
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 epfwtdir;epfwtdir; D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2012-10-08 104736]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO CD-ROM Device Driver; \??\D:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 npf;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2011-08-21 35088]
R3 AIRPLUS;D-Link AirPlus Wireless Adapter; D:\WINDOWS\system32\DRIVERS\airplus.sys [2003-09-08 255360]
R3 asmthub3;ASMedia USB3 Hub Service; D:\WINDOWS\system32\DRIVERS\asmthub3.sys [2010-12-08 95720]
R3 asmtxhci;ASMEDIA XHCI Service; D:\WINDOWS\system32\DRIVERS\asmtxhci.sys [2010-12-08 292840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-11-23 6203496]
R3 LGDDCDevice;LGDDCDevice; \??\D:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys []
R3 MEI;Intel(R) Management Engine Interface; D:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-08-03 12542592]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-09-09 234728]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 MpKsl122ec0d7;MpKsl122ec0d7; D:\WINDOWS\system32\drivers\MpKsl122ec0d7.sys []
S1 MpKsld00fdf5c;MpKsld00fdf5c; D:\WINDOWS\system32\drivers\MpKsld00fdf5c.sys []
S1 MpKsld63d81d0;MpKsld63d81d0; D:\WINDOWS\system32\drivers\MpKsld63d81d0.sys []
S1 SBRE;SBRE; D:\WINDOWS\system32\drivers\SBRE.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; D:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 FlyPCI;FlyPCI; \??\D:\WINDOWS\system32\drivers\FlyPCI.sys []
S3 genmcmn;Scroll Mouse Driver; D:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 GVCplDrv;GVCplDrv; D:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 i81x;i81x; D:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 LGII2CDevice;LGII2CDevice; \??\D:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys []
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\pcouffin.sys [2007-11-25 47360]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); D:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 w200bus;Sony Ericsson W200 driver (WDM); D:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\w200obex.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; D:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-10-18 116608]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2012-10-23 1329304]
R2 GsServer;GoodSync Server; D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe [2012-03-13 3332784]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre7\bin\jqs.exe [2012-09-24 161768]
R2 LMS;Intel(R) Management and Security Application Local Management Service; D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
R2 nvUpdatusService;NVIDIA Update Service Daemon; D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 ProtexisLicensing;ProtexisLicensing; D:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
R2 TomTomHOMEService;TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
R2 UleadBurningHelper;Ulead Burning Helper; D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-19 136176]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-24 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-19 136176]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-03 194104]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Mx-3 B-Cup Service;MX-3 B-Cup XP; D:\WINDOWS\system32\Mx-3 B-Cup Service.exe [2011-01-04 124928]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony PC Companion;Sony PC Companion; D:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 TfKbMon;TfKbMon; D:\WINDOWS\System32\Drivers\TfKbMon.sys [2008-11-17 12576]
S3 WinRM;Windows Remote Management (WS-Management); D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Vydrž minutku, na logu se intenzivně pracuje.

[Mc_Murphy]

Stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!!
• Spusť AdwCleaner.
• Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
• Klikni na [Search].
• Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako AdwCleaner[R?].txt - ten mi sem vlož.

A v počítače vidím i Malwarebytes' Anti-Malware, takže pokud ho máš ještě nainstalovaný, proveď všechny aktualizace, pak spusť úplnou kontrolu všech jednotek v PC a výsledný log mi sem hoď.
Předem nic nemaž, MBAM mívá někdy falešné poplachy!

[byczech]

díky, zde le log:

# AdwCleaner v2.100 - Logfile created 12/15/2012 at 18:19:17
# Updated 09/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Pavel2 - PAVEL
# Boot Mode : Normal
# Running from : D:\Documents and Settings\Pavel2\Plocha\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : D:\Program Files\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com
File Found : D:\Program Files\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com
Folder Found : D:\Documents and Settings\Pavel2\Data aplikací\OpenCandy
Folder Found : D:\Documents and Settings\Pavel2\Data aplikací\pdfforge
Folder Found : D:\Documents and Settings\Pavel2\Data aplikací\Search Settings
Folder Found : D:\Program Files\Application Updater
Folder Found : D:\Program Files\Common Files\spigot
Folder Found : D:\Program Files\Conduit
Folder Found : D:\Program Files\pdfforge Toolbar
Folder Found : D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\AskToolbarInfo
Key Found : HKCU\Software\AppDataLow\Software\pdfforge
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\CToolbar
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Found : HKLM\Software\Application Updater
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\CToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\pdfforge
Key Found : HKLM\Software\Search Settings
Key Found : HKU\S-1-5-21-1935655697-746137067-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-1935655697-746137067-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3287 octets] - [15/12/2012 18:19:17]

########## EOF - D:\AdwCleaner[R1].txt - [3347 octets] ##########

[Mc_Murphy]

OK. Ten MBAM máš taky nebo už je z počítače pryč?


Provedeme opravy.

• Spusť AdwCleaner znovu.
• Klikni na [Delete].
• PC provede opravu, restartuje se a vytvoří log C:\AdwCleaner [S1].txt - jeho obsah mi sem zase vlož.

[byczech]

už je pryč

[byczech]

# AdwCleaner v2.100 - Logfile created 12/15/2012 at 19:06:40
# Updated 09/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Pavel2 - PAVEL
# Boot Mode : Normal
# Running from : D:\Documents and Settings\Pavel2\Plocha\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : D:\Program Files\Mozilla Firefox\extensions\pdfforge@mybrowserbar.com
File Deleted : D:\Program Files\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com
Folder Deleted : D:\Documents and Settings\Pavel2\Data aplikací\OpenCandy
Folder Deleted : D:\Documents and Settings\Pavel2\Data aplikací\pdfforge
Folder Deleted : D:\Documents and Settings\Pavel2\Data aplikací\Search Settings
Folder Deleted : D:\Program Files\Application Updater
Folder Deleted : D:\Program Files\Common Files\spigot
Folder Deleted : D:\Program Files\Conduit
Folder Deleted : D:\Program Files\pdfforge Toolbar
Folder Deleted : D:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\CToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\Search Settings
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3416 octets] - [15/12/2012 18:19:17]
AdwCleaner[S1].txt - [3113 octets] - [15/12/2012 19:06:40]

########## EOF - D:\AdwCleaner[S1].txt - [3173 octets] ##########

[Mc_Murphy]

Moc se omlouvám za zpoždění, ale měl jsem doma dvě nepředpokládané návštěvy a zabralo mi to celý den.

OK, nevadí, tak MBAM vynecháme.


Nyní stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ulož jej nejlépe na Plochu.
• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
• Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
• Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452

[byczech]

to je v pohodě, doufám, že to byla aspoň příjemná návštěva
zde je log:
RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pavel2 [Práva správce]
Mód : Kontrola -- Datum : 12/17/2012 22:04:37

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> C:\Documents and Settings\Default User\NTUSER.DAT
-> C:\Documents and Settings\LocalService\NTUSER.DAT
-> C:\Documents and Settings\NetworkService\NTUSER.DAT

¤¤¤ Soubor HOSTS: ¤¤¤
--> D:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Seagate ST3300622A SCSI Disk Device +++++
--- User ---
[MBR] 1e37cfcfb169a28499ba80255f87fca4
[BSP] ebc69e157133b047984293e1b1050e89 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 29996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61432560 | Size: 256161 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: WD Ext HDD 1021 USB Device +++++
--- User ---
[MBR] 1424c62435a6b23e124ccd4d89706bd3
[BSP] 16e545be7ae25b20c25758d59c75acd9 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_12172012_02d2204.txt >>
RKreport[1]_S_12172012_02d2204.txt

[Mc_Murphy]

Velice příjemná.


Takže provedeme opravy.

• Ukonči všechny programy!
• Spusť RogueKiller.
• Počkej, než program dokončí Prescan.
• Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
• V záložce Registry nech všechny nálezy označeny.
• Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
• Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.

A pak mi prosím vygeneruj nový aktuální log ze RSITu, ať vidím, co se povedlo a co zatím ne.

[byczech]

zde je první log:

RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pavel2 [Práva správce]
Mód : Odebrat -- Datum : 12/18/2012 19:56:37

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> C:\Documents and Settings\Default User\NTUSER.DAT
-> C:\Documents and Settings\LocalService\NTUSER.DAT
-> C:\Documents and Settings\NetworkService\NTUSER.DAT

¤¤¤ Soubor HOSTS: ¤¤¤
--> D:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Seagate ST3300622A SCSI Disk Device +++++
--- User ---
[MBR] 1e37cfcfb169a28499ba80255f87fca4
[BSP] ebc69e157133b047984293e1b1050e89 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 29996 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 61432560 | Size: 256161 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: WD Ext HDD 1021 USB Device +++++
--- User ---
[MBR] 1424c62435a6b23e124ccd4d89706bd3
[BSP] 16e545be7ae25b20c25758d59c75acd9 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[3]_D_12182012_02d1956.txt >>
RKreport[1]_S_12182012_02d1955.txt ; RKreport[2]_D_12182012_02d1956.txt ; RKreport[3]_D_12182012_02d1956.txt

[byczech]

a zde je druhý log

RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Pavel2 [Práva správce]
Mód : Oprava HOSTS -- Datum : 12/18/2012 19:58:18

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤
-> C:\Documents and Settings\Default User\NTUSER.DAT
-> C:\Documents and Settings\LocalService\NTUSER.DAT
-> C:\Documents and Settings\NetworkService\NTUSER.DAT

¤¤¤ Soubor HOSTS: ¤¤¤
--> D:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[5]_H_12182012_02d1958.txt >>
RKreport[1]_S_12182012_02d1955.txt ; RKreport[2]_D_12182012_02d1956.txt ; RKreport[3]_D_12182012_02d1956.txt ; RKreport[4]_H_12182012_02d1958.txt ; RKreport[5]_H_12182012_02d1958.txt

[Mc_Murphy]

A pak mi prosím vygeneruj nový aktuální log ze RSITu, ať vidím, co se povedlo a co zatím ne.

Čti mi ty návody pozorně!

[byczech]

no jo sem to přehlídnul promiň

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel2 at 2012-12-18 22:10:53
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 14 GB (12%) free of 120 GB
Total RAM: 3058 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:57, on 18.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
D:\Program Files\Java\jre7\bin\jqs.exe
D:\WINDOWS\RTHDCPL.EXE
D:\PROGRAM FILES\WESTERN DIGITAL TECHNOLOGIES\SPINDOWN\EXSPINDN.EXE
D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
D:\Program Files\RocketDock\RocketDock.exe
D:\Program Files\D-Link AirPlus\AirPlus.exe
D:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1168638.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Pavel2\Plocha\RSIT.exe
D:\Program Files\trend micro\Pavel2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WD Spindown Utility] "D:\PROGRAM FILES\WESTERN DIGITAL TECHNOLOGIES\SPINDOWN\EXSPINDN.EXE"
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-21-1935655697-746137067-682003330-1006\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: D-Link AirPlus.lnk = ?
O4 - Global Startup: forteManager.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - D:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: Download with Xilisoft YouTube Video Converter - D:\Program Files\Xilisoft\YouTube Video Converter\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Stáhnout Star Downloaderem - D:\PROGRA~1\STARDO~1\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - D:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5932919739
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2842202984
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - D:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoodSync Server (GsServer) - Unknown owner - D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - D:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MX-3 B-Cup XP (Mx-3 B-Cup Service) - n.v.t. MX-3 - D:\WINDOWS\system32\Mx-3 B-Cup Service.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: ProtexisLicensing - Unknown owner - D:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - D:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - D:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: TomTomHOMEService - TomTom - D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 12335 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Adobe Flash Player Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-746137067-682003330-1003Core1cc90164ada5b6a.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-746137067-682003330-1003UA.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{50987921-B039-49AD-8EE9-68F23EE5EBDF}.job

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default

prefs.js - "browser.startup.homepage" - "http://webmail.forpsi.com/index.html"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60, {AA052FD6-366A-4771-A591-0D8DC551585D}:1.1.20, {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.2.2, piclens@cooliris.com:1.12.2.44026, cs@dictionaries.addons.mozilla.org:1.0.2, {B6533577-46BD-4520-9FF8-F0513A30C2A3}:1.1, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10, {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2, {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03, {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}:6.0.05, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.4.6, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, ramback@pavlov.net:1.0, ranky@ranky.cz:0.2, {EF522540-89F5-46b9-B6FE-1829E2B572C6}:5.0.1, seo4firefox@seobook.com:3.4.2, {350d7dcc-3edb-11da-94f5-00e08161165f}:2.0.7, statusbuttons@clav.mozdev.org:3.0, {03B08592-E5B4-45ff-A0BE-C1D975458688}:1.0, {2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}:1.2.5.1, {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5, {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3, {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3, cache@status.org:0.7.9, {A4732521-77D9-447E-A557-B279AC923F06}:0.6.8, {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "chrome://browser-region/locale/region.properties"

"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=D:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=D:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=D:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=D:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=D:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=D:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npCortona.xpt
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

D:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npCortona.dll
npigl.dll
npigl.xpt
NPOFFICE.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
nprpjplug.dll
npstar.dll
npUpload.xpt
npyaxmpb.dll
np_gp.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\extensions\
cs@dictionaries.addons.mozilla.org
piclens@cooliris.com
ramback@pavlov.net
ranky@ranky.cz
statusbuttons@clav.mozdev.org
temp
{03B08592-E5B4-45ff-A0BE-C1D975458688}
{03B08592-E5B4-45ff-A0BE-C1D975458688}(2)
{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}(2)
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
{20a82645-c095-46ed-80e3-08825760534b}
{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}(2)
{350d7dcc-3edb-11da-94f5-00e08161165f}
{3cd27e92-1a30-11da-94c6-00e08161165f}
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{7b13ec3e-999a-4b70-b9cb-2617b8323822}
{89506680-e3f4-484c-a2c0-ed711d481eda}(2)
{95f24680-9e31-11da-a746-0800200c9a66}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}(2)
{ada4b710-8346-4b82-8199-5de2b400a6ae}(2)
{B6533577-46BD-4520-9FF8-F0513A30C2A3}
{c45c406e-ab73-11d8-be73-000a95be3b12}
{dd69bf83-72cf-4207-bb6d-5c91376af17e}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{e968fc70-8f95-4ab9-9e79-304de2a71ee1}

D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\searchplugins\
bing.xml
filezcom.xml
torrent-finder.xml
userlogos.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre7\bin\ssv.dll [2012-09-24 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-24 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2010-11-16 19722344]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2011-08-03 13892200]
"WD Spindown Utility"=D:\PROGRAM FILES\WESTERN DIGITAL TECHNOLOGIES\SPINDOWN\EXSPINDN.EXE [2004-08-09 278528]
"HP Software Update"=D:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"egui"=D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-10-23 5074384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=D:\Documents and Settings\Pavel2\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-05-23 133104]
"RocketDock"=D:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"TomTomHOME.exe"=D:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-08-28 247768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
d:\program files\adobe\reader 9.0\reader\reader_sl.exe [2011-09-07 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
d:\program files\nvidia corporation\nview\nwiz.exe [2011-07-05 1632360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
d:\program files\rocketdock\rocketdock.exe [2007-09-02 495616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunMMD]
D:\Program Files\Mio\MMD2\RunMMD.exe [2010-05-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
D:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [2012-05-31 445624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
d:\program files\tomtom home 2\tomtomhomerunner.exe [2012-08-28 247768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Spindown Utility]
d:\program files\western digital technologies\spindown\exspindn.exe [2004-08-09 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Pavel2^Nabídka Start^Programy^Po spuštění^Landi 11.lnk]
D:\PROGRA~1\LANDI1~1\Landi11.exe [2011-01-26 2691072]

D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
D-Link AirPlus.lnk - D:\Program Files\D-Link AirPlus\AirPlus.exe
forteManager.lnk - D:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

D:\Documents and Settings\Pavel2\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - D:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=D:\PROGRA~1\DVDREG~1\DVDShell.dll [2004-10-09 49152]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=383
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveTrack"=0
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoFind"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe"="D:\Documents and Settings\Pavel2\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"D:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe"="D:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Siber Systems\GoodSync\GoodSync.exe"="D:\Program Files\Siber Systems\GoodSync\GoodSync.exe:*:Enabled:GoodSync"
"D:\Program Files\Siber Systems\GoodSync\GsExplorer.exe"="D:\Program Files\Siber Systems\GoodSync\GsExplorer.exe:*:Enabled:GoodSync Explorer"
"D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe"="D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe:*:Enabled:GoodSync Server"
"D:\Documents and Settings\Pavel2\Local Settings\temp\7zS8F.tmp\SymNRT.exe"="D:\Documents and Settings\Pavel2\Local Settings\temp\7zS8F.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.yv12"=yv12vfw.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"VIDC.FMVC"=fmcodec.dll
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-12-16 11:57:22 ----A---- D:\AdwCleaner[R3].txt
2012-12-15 22:00:20 ----A---- D:\AdwCleaner[R2].txt
2012-12-15 19:06:40 ----A---- D:\AdwCleaner[S1].txt
2012-12-15 18:19:17 ----A---- D:\AdwCleaner[R1].txt
2012-12-15 01:20:34 ----D---- D:\rsit
2012-12-12 20:19:12 ----HDC---- D:\WINDOWS\$NtUninstallKB2758857$
2012-12-12 20:19:05 ----HDC---- D:\WINDOWS\$NtUninstallKB2779030$
2012-12-12 20:19:00 ----HDC---- D:\WINDOWS\$NtUninstallKB2779562$
2012-12-12 20:18:11 ----HDC---- D:\WINDOWS\$NtUninstallKB2753842$
2012-12-12 20:18:05 ----HDC---- D:\WINDOWS\$NtUninstallKB2770660$
2012-11-20 17:57:40 ----D---- D:\Program Files\Mozilla Thunderbird

======List of files/folders modified in the last 1 month======

2012-12-18 22:10:54 ----D---- D:\Program Files\trend micro
2012-12-18 22:09:11 ----D---- D:\WINDOWS\Temp
2012-12-18 19:59:40 ----D---- D:\WINDOWS\system32\drivers
2012-12-18 19:45:05 ----D---- D:\Documents and Settings\Pavel2\Data aplikací\Dropbox
2012-12-18 19:43:45 ----A---- D:\WINDOWS\system32\log.txt
2012-12-16 22:21:07 ----D---- D:\WINDOWS\Prefetch
2012-12-15 19:06:40 ----SHD---- D:\WINDOWS\Installer
2012-12-15 19:06:40 ----D---- D:\Program Files\Common Files
2012-12-15 19:06:40 ----D---- D:\Program Files
2012-12-15 14:38:40 ----A---- D:\WINDOWS\NeroDigital.ini
2012-12-14 20:03:49 ----D---- D:\WINDOWS\system32
2012-12-13 19:04:46 ----D---- D:\WINDOWS
2012-12-13 00:13:15 ----D---- D:\WINDOWS\system32\CatRoot2
2012-12-12 20:19:59 ----D---- D:\Config.Msi
2012-12-12 20:19:16 ----HD---- D:\WINDOWS\inf
2012-12-12 20:19:14 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-12-12 20:19:08 ----A---- D:\WINDOWS\imsins.BAK
2012-12-12 20:17:44 ----D---- D:\Program Files\Internet Explorer
2012-12-12 20:17:18 ----HD---- D:\WINDOWS\$hf_mig$
2012-12-12 20:15:28 ----A---- D:\WINDOWS\system32\MRT.exe
2012-12-11 21:51:10 ----D---- D:\Documents and Settings\All Users\Data aplikací\Watermark Factory
2012-12-11 21:46:47 ----A---- D:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-09 13:08:35 ----D---- D:\WINDOWS\Cursors
2012-12-08 19:53:47 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2012-12-01 14:13:26 ----D---- D:\Documents and Settings\Pavel2\Data aplikací\MediaMonkey
2012-12-01 09:40:31 ----SD---- D:\WINDOWS\Tasks
2012-12-01 09:40:31 ----D---- D:\Program Files\Google
2012-11-22 23:29:05 ----D---- D:\Documents and Settings\Pavel2\Data aplikací\FileZilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xx;mv61xx; D:\WINDOWS\system32\DRIVERS\mv61xx.sys [2010-10-06 156200]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; D:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-01-11 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-01-11 27576]
R1 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2012-10-08 159832]
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 epfwtdir;epfwtdir; D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2012-10-08 104736]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO CD-ROM Device Driver; \??\D:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 npf;NetGroup Packet Filter Driver; D:\WINDOWS\system32\drivers\npf.sys [2011-08-21 35088]
R3 AIRPLUS;D-Link AirPlus Wireless Adapter; D:\WINDOWS\system32\DRIVERS\airplus.sys [2003-09-08 255360]
R3 asmthub3;ASMedia USB3 Hub Service; D:\WINDOWS\system32\DRIVERS\asmthub3.sys [2010-12-08 95720]
R3 asmtxhci;ASMEDIA XHCI Service; D:\WINDOWS\system32\DRIVERS\asmtxhci.sys [2010-12-08 292840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-11-23 6203496]
R3 LGDDCDevice;LGDDCDevice; \??\D:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys []
R3 MEI;Intel(R) Management Engine Interface; D:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-08-03 12542592]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-09-09 234728]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 MpKsl122ec0d7;MpKsl122ec0d7; D:\WINDOWS\system32\drivers\MpKsl122ec0d7.sys []
S1 MpKsld00fdf5c;MpKsld00fdf5c; D:\WINDOWS\system32\drivers\MpKsld00fdf5c.sys []
S1 MpKsld63d81d0;MpKsld63d81d0; D:\WINDOWS\system32\drivers\MpKsld63d81d0.sys []
S1 SBRE;SBRE; D:\WINDOWS\system32\drivers\SBRE.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; D:\WINDOWS\system32\drivers\Ad-Watch Connect Filter.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 FlyPCI;FlyPCI; \??\D:\WINDOWS\system32\drivers\FlyPCI.sys []
S3 genmcmn;Scroll Mouse Driver; D:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 GVCplDrv;GVCplDrv; D:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 i81x;i81x; D:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 LGII2CDevice;LGII2CDevice; \??\D:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys []
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\pcouffin.sys [2007-11-25 47360]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); D:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 w200bus;Sony Ericsson W200 driver (WDM); D:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; D:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; D:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); D:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; D:\WINDOWS\system32\DRIVERS\w200obex.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; D:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; D:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-10-18 116608]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2012-10-23 1329304]
R2 GsServer;GoodSync Server; D:\Program Files\Siber Systems\GoodSync\Gs-Server.exe [2012-03-13 3332784]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre7\bin\jqs.exe [2012-09-24 161768]
R2 LMS;Intel(R) Management and Security Application Local Management Service; D:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\system32\nvsvc32.exe [2011-08-03 146024]
R2 nvUpdatusService;NVIDIA Update Service Daemon; D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 ProtexisLicensing;ProtexisLicensing; D:\Program Files\Common Files\Protexis\License Service\PSIService.exe [2006-11-02 174656]
R2 TomTomHOMEService;TomTomHOMEService; D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-08-28 92632]
R2 UleadBurningHelper;Ulead Burning Helper; D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; D:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-19 136176]
S2 SkypeUpdate;Skype Updater; D:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 Adobe LM Service;Adobe LM Service; D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-11-24 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 250808]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; D:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-19 136176]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-03 194104]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Mx-3 B-Cup Service;MX-3 B-Cup XP; D:\WINDOWS\system32\Mx-3 B-Cup Service.exe [2011-01-04 124928]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony PC Companion;Sony PC Companion; D:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 TfKbMon;TfKbMon; D:\WINDOWS\System32\Drivers\TfKbMon.sys [2008-11-17 12576]
S3 WinRM;Windows Remote Management (WS-Management); D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: D:\Program Files\trend micro\Pavel2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local


Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
!SASCORE
Adobe LM Service
gupdate
gupdatem
gusvc
JavaQuickStarterService
NMIndexingService
SkypeUpdate
SASDIFSV
SASKUTIL
MpKsl122ec0d7
MpKsld00fdf5c
MpKsld63d81d0
SBRE
AdobeFlashPlayerUpdateSvc
Nero BackItUp Scheduler 3

:Files
D:\Program Files\Malwarebytes' Anti-Malware
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
D:\WINDOWS\tasks\Adobe Flash Player Updater.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-746137067-682003330-1003Core1cc90164ada5b6a.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-746137067-682003330-1003UA.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{50987921-B039-49AD-8EE9-68F23EE5EBDF}.job
D:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
D:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}
D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688}(2)
D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\searchplugins\bing.xml
D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\searchplugins\filezcom.xml
D:\Documents and Settings\Pavel2\Data aplikací\Mozilla\Firefox\Profiles\w4z2juqw.default\searchplugins\torrent-finder.xml
D:\WINDOWS\system32\drivers\MpKsl122ec0d7.sys
D:\WINDOWS\system32\drivers\MpKsld00fdf5c.sys
D:\WINDOWS\system32\drivers\MpKsld63d81d0.sys
D:\WINDOWS\system32\drivers\SBRE.sys

:Reg
[HKEY_USERS\S-1-5-21-1935655697-746137067-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=-
"HP Software Update"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"RocketDock"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RunMMD]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Spindown Utility]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^Pavel2^Nabídka Start^Programy^Po spuštění^Landi 11.lnk]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=-

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\