Slow PC, spam, web browser throwing errors

pidalka
Visitor
Posts: 75
Registered: 03 Feb 2010 16:01

Slow PC, spam, web browser throwing errors

#1 Post by pidalka »

Hello, a friend needs his PC cleaned of malware. Until now he has been using IE, which throws errors and loads of spam, and it also fails to connect to the internet. I installed Firefox; the PC is slow... I'm sending the RSIT log, please take a look at it... Thank you very much in advance :)


Logfile of random's system information tool 1.06 (written by random/random)
Run by lucinka at 2010-02-03 16:35:28
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 74 GB (51%) free of 144 GB
Total RAM: 2046 MB (50% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForlucinka.job
C:\Windows\tasks\Norton Internet Security - Prověřit tento počítač - lucinka.job
C:\Windows\tasks\User_Feed_Synchronization-{D0774B5A-4964-43B1-BDE3-6D89D13484CB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class - C:\Program Files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll [2009-07-09 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll [2007-08-25 316784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2009-02-03 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
System Search Dispatcher - C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll [2009-07-13 299288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll [2007-08-25 316784]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]
{5617ECA9-488D-4BA2-8562-9710B9AB78D2} - JuicyAccess Toolbar - C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stb0.dll [2009-07-20 1138968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-16 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-04 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-04 92704]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-10-19 243072]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{583ef27c-8982-11dd-a61f-001e37e4cc72}]
shell\AutoRun\command - F:\setup.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-02-03 16:28:41 ----D---- C:\Program Files\trend micro
2010-02-03 16:28:26 ----D---- C:\rsit
2010-02-03 15:45:18 ----D---- C:\Program Files\Mozilla Firefox
2010-01-29 17:38:23 ----A---- C:\Windows\system32\jscript.dll
2010-01-29 12:44:25 ----A---- C:\Windows\system32\occache.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\iepeers.dll
2010-01-29 12:44:23 ----A---- C:\Windows\system32\ieui.dll
2010-01-29 12:44:22 ----A---- C:\Windows\system32\iesetup.dll
2010-01-29 12:44:22 ----A---- C:\Windows\system32\iernonce.dll
2010-01-29 12:44:21 ----A---- C:\Windows\system32\wininet.dll
2010-01-29 12:44:21 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-29 12:44:21 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-29 12:44:20 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-29 12:44:20 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-29 12:44:20 ----A---- C:\Windows\system32\iertutil.dll
2010-01-29 12:44:20 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-29 12:44:19 ----A---- C:\Windows\system32\urlmon.dll
2010-01-29 12:44:16 ----A---- C:\Windows\system32\mshtml.dll
2010-01-29 12:44:16 ----A---- C:\Windows\system32\ieframe.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\mshtmler.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\mshtmled.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\icardie.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\admparse.dll
2010-01-29 12:41:22 ----A---- C:\Windows\system32\msls31.dll
2010-01-29 12:41:21 ----A---- C:\Windows\system32\corpol.dll
2010-01-29 12:41:19 ----A---- C:\Windows\system32\ieakeng.dll
2010-01-29 12:41:18 ----A---- C:\Windows\system32\imgutil.dll
2010-01-29 12:41:18 ----A---- C:\Windows\system32\dxtrans.dll
2010-01-29 12:41:18 ----A---- C:\Windows\system32\dxtmsft.dll
2010-01-29 12:41:17 ----A---- C:\Windows\system32\licmgr10.dll
2010-01-29 12:41:17 ----A---- C:\Windows\system32\inseng.dll
2010-01-29 12:41:16 ----A---- C:\Windows\system32\webcheck.dll
2010-01-29 12:41:16 ----A---- C:\Windows\system32\msrating.dll
2010-01-29 12:41:16 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-29 12:41:15 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-01-29 12:41:15 ----A---- C:\Windows\system32\wextract.exe
2010-01-29 12:41:15 ----A---- C:\Windows\system32\mstime.dll
2010-01-29 12:41:15 ----A---- C:\Windows\system32\ieakui.dll
2010-01-29 12:41:14 ----A---- C:\Windows\system32\pngfilt.dll
2010-01-29 12:41:14 ----A---- C:\Windows\system32\advpack.dll
2010-01-29 12:41:13 ----A---- C:\Windows\system32\vbscript.dll
2010-01-29 12:41:13 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-29 12:41:12 ----A---- C:\Windows\system32\url.dll
2010-01-29 12:41:10 ----A---- C:\Windows\system32\mshta.exe
2010-01-29 12:41:10 ----A---- C:\Windows\system32\iexpress.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\SetDepNx.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\PDMSetup.exe
2010-01-14 19:42:53 ----A---- C:\Windows\system32\t2embed.dll
2010-01-14 19:42:53 ----A---- C:\Windows\system32\fontsub.dll

======List of files/folders modified in the last 1 months======

2010-02-03 16:35:42 ----D---- C:\Windows\Temp
2010-02-03 16:35:22 ----D---- C:\Windows\Prefetch
2010-02-03 16:28:41 ----RD---- C:\Program Files
2010-02-03 16:00:56 ----D---- C:\Windows\System32
2010-02-03 16:00:56 ----D---- C:\Windows\inf
2010-02-03 16:00:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-03 15:50:58 ----D---- C:\Users\lucinka\AppData\Roaming\ICQ
2010-02-03 15:46:05 ----D---- C:\Users\lucinka\AppData\Roaming\Mozilla
2010-02-03 14:27:39 ----SHD---- C:\System Volume Information
2010-01-31 14:34:20 ----D---- C:\Windows\rescache
2010-01-30 08:39:24 ----D---- C:\Windows\winsxs
2010-01-29 17:35:20 ----D---- C:\Windows\system32\catroot2
2010-01-29 17:35:20 ----D---- C:\Windows\system32\catroot
2010-01-29 13:01:46 ----D---- C:\Windows\system32\migration
2010-01-29 13:01:46 ----D---- C:\Program Files\Internet Explorer
2010-01-29 13:01:45 ----D---- C:\Windows\system32\cs-CZ
2010-01-29 13:01:43 ----D---- C:\Windows\system32\en-US
2010-01-29 13:01:43 ----D---- C:\Windows\PolicyDefinitions
2010-01-29 12:38:49 ----D---- C:\Windows
2010-01-19 19:41:13 ----D---- C:\Program Files\Windows Mail
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-05 19:22:53 ----D---- C:\Program Files\ICQ6.5
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-01-30 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090310.005\IDSvix86.sys [2009-01-02 270384]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2008-09-05 447024]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-02-19 24112]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2009-02-19 184496]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 CO_Mon;CO_Mon; \??\C:\Windows\system32\drivers\CO_Mon.sys [2007-08-08 36056]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-06 761856]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-09-10 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-09-10 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-09-18 80424]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-09-18 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-09-18 16168]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-01-30 102448]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-01-25 25280]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100130.008\NAVENG.SYS [2010-01-30 84912]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100130.008\NAVEX15.SYS [2010-01-30 1323568]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-04 7606688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2009-02-19 13616]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-02-03 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2009-02-19 96560]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2009-02-19 22320]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 awxtxo8c;awxtxo8c; C:\Windows\system32\drivers\awxtxo8c.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-09-10 220160]
S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 Automatic LiveUpdate Scheduler;Plánovač automatické aktualizace LiveUpdate; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-08-31 243064]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 LiveUpdate Notice;LiveUpdate Notice; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-04 203296]
R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-02-03 1251720]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-22 55640]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2007-08-23 3192184]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Slow PC, spam, web browser throwing errors

#2 Post by motji »

Good afternoon :)

:arrow: Download ComboFix to your desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights

- Before using it, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click into the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here


:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM occasionally has false detections, so we will delete only after checking the log.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning a computer of malware :!:

pidalka
Visitor
Posts: 75
Registered: 03 Feb 2010 16:01

Re: Slow PC, spam, web browser throwing errors

#3 Post by pidalka »

So here is the ComboFix log:

ComboFix 10-02-02.08 - lucinka 03.02.2010 17:02:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.2046.1344 [GMT 1:00]
Spuštěný z: c:\users\lucinka\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090530-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton Internet Security *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: avast! antivirus 4.8.1335 [VPS 090530-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Norton Internet Security *enabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2996013047-1375082172-3561251790-500
c:\$recycle.bin\S-1-5-21-477923535-1514029760-1681397141-500
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\windows\system32\KBL.LOG

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-03 do 2010-02-03 )))))))))))))))))))))))))))))))
.

2010-02-03 16:23 . 2010-02-03 16:26 -------- d-----w- c:\users\lucinka\AppData\Local\temp
2010-02-03 16:23 . 2010-02-03 16:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-03 15:28 . 2010-02-03 15:28 -------- d-----w- c:\program files\trend micro
2010-02-03 15:28 . 2010-02-03 15:29 -------- d-----w- C:\rsit
2010-02-03 14:45 . 2010-02-03 14:45 -------- d-----w- c:\users\lucinka\AppData\Local\Mozilla
2010-01-31 14:21 . 2010-01-30 00:00 1647984 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\NAVEX32A.DLL
2010-01-31 14:21 . 2010-01-30 00:00 84912 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\NAVENG.SYS
2010-01-31 14:21 . 2010-01-30 00:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\EECTRL.SYS
2010-01-31 14:21 . 2010-01-30 00:00 2747440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\CCERASER.DLL
2010-01-31 14:21 . 2010-01-30 00:00 259440 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\ECMSVR32.DLL
2010-01-31 14:21 . 2010-01-30 00:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\NAVENG32.DLL
2010-01-31 14:21 . 2010-01-30 00:00 1323568 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\NAVEX15.SYS
2010-01-31 14:21 . 2010-01-30 00:00 102448 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20100130.008\ERASER.SYS
2010-01-29 11:41 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-14 18:42 . 2009-10-19 14:27 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-14 18:42 . 2009-10-19 14:24 72704 ----a-w- c:\windows\system32\fontsub.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-03 16:07 . 2008-02-26 01:24 598838 ----a-w- c:\windows\system32\perfh005.dat
2010-02-03 16:07 . 2008-02-26 01:24 115014 ----a-w- c:\windows\system32\perfc005.dat
2010-02-03 15:57 . 2008-04-17 16:41 2484 ----a-w- c:\windows\bthservsdp.dat
2010-02-03 14:52 . 2009-02-06 07:11 28029 ----a-w- c:\programdata\nvModes.dat
2010-02-03 14:50 . 2008-09-10 19:26 -------- d-----w- c:\users\lucinka\AppData\Roaming\ICQ
2010-01-19 18:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-14 10:12 . 2009-10-03 18:36 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-05 18:22 . 2009-07-14 14:55 -------- d-----w- c:\program files\ICQ6.5
2010-01-02 06:38 . 2010-01-29 11:44 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-29 11:44 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-29 11:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-29 11:44 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-19 12:15 . 2009-12-19 12:15 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-11-09 13:22 . 2009-12-13 21:04 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 13:20 . 2009-12-13 21:04 31232 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 11:04 . 2009-12-13 21:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-07 13:33 . 2009-11-07 13:33 1961720 ----a-w- c:\users\lucinka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2008-02-26 01:52 . 2008-02-26 01:41 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}]
2009-07-13 12:29 299288 ----a-w- c:\program files\System Search Dispatcher\1.3.0.840\ssd.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 2153472]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-10-19 243072]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [1.4.2009 10:04 114768]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090310.005\IDSvix86.sys [11.3.2009 20:32 270384]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [1.4.2009 10:04 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [1.4.2009 10:03 51792]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.9.2008 20:27 222968]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [3.2.2009 16:14 149352]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [31.1.2010 15:21 102448]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [19.2.2009 11:31 41008]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [23.9.2008 16:13 717296]
S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [29.5.2007 20:55 23888]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-01-26 c:\windows\Tasks\HPCeeScheduleForlucinka.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-02-25 10:58]

2010-02-01 c:\windows\Tasks\Norton Internet Security - Prověřit tento počítač - lucinka.job
- c:\program files\Norton Internet Security\Aplikace Norton AntiVirus\Navw32.exe [2007-08-27 00:19]

2010-02-03 c:\windows\Tasks\User_Feed_Synchronization-{D0774B5A-4964-43B1-BDE3-6D89D13484CB}.job
- c:\windows\system32\msfeedssync.exe [2010-01-29 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=cs_cz&c=81&bd=Pavilion&pf=laptop
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {621D6D99-255D-4BBC-BCC3-B478B3D543D2} = 213.226.224.12,194.213.224.1
FF - ProfilePath - c:\users\lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\99sq4urz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 17:26
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-02-03 17:33:24
ComboFix-quarantined-files.txt 2010-02-03 16:33

Před spuštěním: Volných bajtů: 77 318 320 128
Po spuštění: Volných bajtů: 77 641 170 944

- - End Of File - - 8E214A8BC28AA87C66D6752E13FB8566


And the log from MBAM:

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3510
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18882

3.2.2010 22:44:45
mbam-log-2010-02-03 (22-44-34).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 314739
Uplynulý čas: 2 hour(s), 17 minute(s), 38 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 71
Infikované hodnoty registru: 3
Infikované datové položky registru: 0
Infikované adresáře: 75
Infikované soubory: 158

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{5297e905-1dfb-4a9c-9871-a4f95fd58945} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{95b92d92-8b7d-4a19-a3f1-43113b4dbcaf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Installer\Features\e5a579d1621164f44a32148791436ae3 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Installer\Products\e5a579d1621164f44a32148791436ae3 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Installer\UpgradeCodes\b0f0eb6ec578ec54f90b6fcd03d7dd95 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\b0f0eb6ec578ec54f90b6fcd03d7dd95 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\e5a579d1621164f44a32148791436ae3 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1d975a5e-1126-4f46-a423-41781934a63e} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Casino King (Adware.Casino) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Casino King (Adware.Casino) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Casino King (Adware.Casino) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JuicyAccess Toolbar (Adware.DoubleD) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9} (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mIDEFunc.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mIDEWriteReg.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mMSI.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920 (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840 (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data (Adware.DoubleD) -> No action taken.

Infikované soubory:
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stb0.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\ssd.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\AIMActiveXDLL.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\AxGifAnimator.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\HookAPINT.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\MyDll.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\OEActiveXDLL.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Riched20Smiley.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbAol.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbappHelper.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbasst.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbdl.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbIE.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbMsn.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbOL.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbOLEX.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbYahoo8.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\stbYahoo9.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\15D3A7BB\3E688669\stbappHelper.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\29A73ACD\3E688669\stb0.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\36F1A852\3E688669\MyDll.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\3FA86A06\3E688669\HookAPINT.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\4F73E13A\3E688669\stbapp.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\50EF6DF6\3E688669\Riched20Smiley.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\628759C1\3E688669\stbOLEX.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\69E6D3E5\3E688669\stbapp.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\A26F7F7\3E688669\stbOL.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\A53562F1\3E688669\AIMActiveXDLL.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\B3AC8875\3E688669\stbMsn.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\B75FA91E\3E688669\stbsvc.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\BED3DEFB\3E688669\stbasst.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\C41B8701\3E688669\stbAol.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\C90EEF64\3E688669\AxGifAnimator.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\CC8FDF08\3E688669\OEActiveXDLL.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\CE8732D\3E688669\ProductInfo.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\EB91CE86\3E688669\stbdl.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\SSD.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\stbpx.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\stbreaim.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\stbrewlm.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\stbrunwlm.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\stbsh.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\stbterm.exe (Adware.DoubleD) -> No action taken.
C:\Users\lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\DoubleD\JuicyAccess Toolbar\4.1.4.20920\bin\stbup.exe (Adware.DoubleD) -> No action taken.
C:\Users\lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\productinfo.dll (Adware.DoubleD) -> No action taken.
C:\Users\lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\Setup.exe (Adware.DoubleD) -> No action taken.
C:\Users\lucinka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\stbup.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\instance.dat (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\mia.lib (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.dat (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.msi (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.par (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.res (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\{1D975A5E-1126-4F46-A423-41781934A63E} (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\{5EA804FD-5E7A-4405-A638-CAFBD22489D9} (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\24618E3F\611F5CA\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\2A3DCDAF\611F5CA\SkinCrafterDll.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\4DAC9037\611F5CA\gdiplus.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\62404B3E\3E688669\FFToolbar.xml (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\879169BE\611F5CA\mfc80.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\F0A80E14\5702F56C\home.juicyaccess.com.url (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\mFileBagEXE.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\AdwareSetup.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\cfcpxlog.mx (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\FFToolbar.xpi (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\libiconv2.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\libintl3.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\MsiZap.Exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\msvcp60.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\pixel.mx (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.mx (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\setup.exe (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\sqlite3.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\tbcore.mx (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mFileBagIDE.dll\bag\tre4.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mIDEFunc.dll\mEXEFunc.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mIDEWriteReg.dll\mEXEWriteReg.dll (Adware.DoubleD) -> No action taken.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\OFFLINE\mMSI.dll\mMSIExec.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\gdiplus.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\mfc80.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\SkinCrafterDll.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\01c9eb2893468d1fba80553d2b75bd30.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\867b44b1158783875052f103c3a2f11a.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\default1.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\loading.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Cache\loading.gif (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_DailyVideo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Game.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Logo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Option.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Search.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Wallpaper.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\Module_Web.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\pixel.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\profile.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\SearchEngineList.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\tbcore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\ToolbarLayout.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\UpdateCentre.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\UpdateCentreBk.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\About.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Component_ComboBox.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Game.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Logo.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Option.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Search.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Smiley.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\Module_Web.mg (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnOption.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\JuicyAccess Toolbar\4.1.4.20920\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.dat (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.exe (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data\eacore.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
C:\Users\lucinka\Favorites\home.juicyaccess.com.url (Adware.DoubleD) -> No action taken.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: slow PC, spam, web browser throws errors

#4 Post by motji »

:) Delete everything that mbam found.

:arrow: Then please post a new log from RSIT.
:arrow: You have two antivirus programs, Avast and Norton; uninstall one of them.
:arrow: How is the computer doing? :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning the computer :!:

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

pidalka
Visitor
Posts: 75
Registered: 03 Feb 2010 16:01

Re: slow PC, spam, web browser throws errors

#5 Post by pidalka »

The computer looks much better :-) no spam, and even IE ran fine.
So here is the new log from RSIT:


Logfile of random's system information tool 1.06 (written by random/random)
Run by lucinka at 2010-02-04 10:45:49
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 75 GB (52%) free of 144 GB
Total RAM: 2046 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:46:23, on 4.2.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\lucinka\Desktop\RSIT.exe
C:\Program Files\trend micro\lucinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsup ... gctlcm.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{621D6D99-255D-4BBC-BCC3-B478B3D543D2}: NameServer = 213.226.224.12,194.213.224.1
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9304 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForlucinka.job
C:\Windows\tasks\User_Feed_Synchronization-{D0774B5A-4964-43B1-BDE3-6D89D13484CB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-17 691656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032]
"OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-16 218408]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-04 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-04 92704]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2008-10-19 243072]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-02-03 23:59:50 ----SHD---- C:\Config.Msi
2010-02-03 17:55:23 ----D---- C:\Users\lucinka\AppData\Roaming\Malwarebytes
2010-02-03 17:55:14 ----D---- C:\ProgramData\Malwarebytes
2010-02-03 17:55:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-03 17:33:36 ----SHD---- C:\$RECYCLE.BIN
2010-02-03 17:33:25 ----A---- C:\ComboFix.txt
2010-02-03 17:00:10 ----A---- C:\Windows\NIRCMD.exe
2010-02-03 17:00:10 ----A---- C:\Windows\MBR.exe
2010-02-03 17:00:09 ----A---- C:\Windows\PEV.exe
2010-02-03 17:00:08 ----A---- C:\Windows\zip.exe
2010-02-03 17:00:08 ----A---- C:\Windows\SWREG.exe
2010-02-03 17:00:08 ----A---- C:\Windows\sed.exe
2010-02-03 17:00:08 ----A---- C:\Windows\grep.exe
2010-02-03 17:00:07 ----A---- C:\Windows\SWSC.exe
2010-02-03 16:59:14 ----D---- C:\Windows\ERDNT
2010-02-03 16:56:45 ----D---- C:\ComboFix
2010-02-03 16:53:38 ----D---- C:\Qoobox
2010-02-03 16:53:08 ----A---- C:\Windows\SWXCACLS.exe
2010-02-03 16:28:41 ----D---- C:\Program Files\trend micro
2010-02-03 16:28:26 ----D---- C:\rsit
2010-02-03 15:45:18 ----D---- C:\Program Files\Mozilla Firefox
2010-01-29 17:38:23 ----A---- C:\Windows\system32\jscript.dll
2010-01-29 12:44:25 ----A---- C:\Windows\system32\occache.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-29 12:44:24 ----A---- C:\Windows\system32\iepeers.dll
2010-01-29 12:44:23 ----A---- C:\Windows\system32\ieui.dll
2010-01-29 12:44:22 ----A---- C:\Windows\system32\iesetup.dll
2010-01-29 12:44:22 ----A---- C:\Windows\system32\iernonce.dll
2010-01-29 12:44:21 ----A---- C:\Windows\system32\wininet.dll
2010-01-29 12:44:21 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-29 12:44:21 ----A---- C:\Windows\system32\ie4uinit.exe
2010-01-29 12:44:20 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-29 12:44:20 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-29 12:44:20 ----A---- C:\Windows\system32\iertutil.dll
2010-01-29 12:44:20 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-29 12:44:19 ----A---- C:\Windows\system32\urlmon.dll
2010-01-29 12:44:16 ----A---- C:\Windows\system32\mshtml.dll
2010-01-29 12:44:16 ----A---- C:\Windows\system32\ieframe.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\mshtmler.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\mshtmled.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\icardie.dll
2010-01-29 12:41:23 ----A---- C:\Windows\system32\admparse.dll
2010-01-29 12:41:22 ----A---- C:\Windows\system32\msls31.dll
2010-01-29 12:41:21 ----A---- C:\Windows\system32\corpol.dll
2010-01-29 12:41:19 ----A---- C:\Windows\system32\ieakeng.dll
2010-01-29 12:41:18 ----A---- C:\Windows\system32\imgutil.dll
2010-01-29 12:41:18 ----A---- C:\Windows\system32\dxtrans.dll
2010-01-29 12:41:18 ----A---- C:\Windows\system32\dxtmsft.dll
2010-01-29 12:41:17 ----A---- C:\Windows\system32\licmgr10.dll
2010-01-29 12:41:17 ----A---- C:\Windows\system32\inseng.dll
2010-01-29 12:41:16 ----A---- C:\Windows\system32\webcheck.dll
2010-01-29 12:41:16 ----A---- C:\Windows\system32\msrating.dll
2010-01-29 12:41:16 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-29 12:41:15 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-01-29 12:41:15 ----A---- C:\Windows\system32\wextract.exe
2010-01-29 12:41:15 ----A---- C:\Windows\system32\mstime.dll
2010-01-29 12:41:15 ----A---- C:\Windows\system32\ieakui.dll
2010-01-29 12:41:14 ----A---- C:\Windows\system32\pngfilt.dll
2010-01-29 12:41:14 ----A---- C:\Windows\system32\advpack.dll
2010-01-29 12:41:13 ----A---- C:\Windows\system32\vbscript.dll
2010-01-29 12:41:13 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-29 12:41:12 ----A---- C:\Windows\system32\url.dll
2010-01-29 12:41:10 ----A---- C:\Windows\system32\mshta.exe
2010-01-29 12:41:10 ----A---- C:\Windows\system32\iexpress.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\SetDepNx.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-01-29 12:41:09 ----A---- C:\Windows\system32\PDMSetup.exe
2010-01-14 19:42:53 ----A---- C:\Windows\system32\t2embed.dll
2010-01-14 19:42:53 ----A---- C:\Windows\system32\fontsub.dll

======List of files/folders modified in the last 1 months======

2010-02-04 10:46:02 ----D---- C:\Windows\Prefetch
2010-02-04 10:45:54 ----D---- C:\Windows\Temp
2010-02-04 00:38:41 ----RD---- C:\Program Files
2010-02-04 00:38:41 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-02-04 00:37:42 ----D---- C:\Windows
2010-02-04 00:10:41 ----SHD---- C:\Windows\Installer
2010-02-04 00:10:07 ----D---- C:\Windows\system32\drivers
2010-02-04 00:09:56 ----D---- C:\ProgramData\Symantec
2010-02-04 00:09:22 ----D---- C:\Windows\system32\catroot
2010-02-04 00:09:22 ----D---- C:\Windows\inf
2010-02-04 00:08:30 ----D---- C:\Program Files\Common Files
2010-02-04 00:04:32 ----RSD---- C:\Windows\assembly
2010-02-04 00:01:19 ----D---- C:\Windows\Tasks
2010-02-03 23:46:38 ----D---- C:\Windows\System32
2010-02-03 23:46:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-03 23:38:35 ----D---- C:\Windows\Options
2010-02-03 23:38:17 ----D---- C:\ProgramData
2010-02-03 17:26:13 ----A---- C:\Windows\system.ini
2010-02-03 17:12:34 ----D---- C:\Windows\AppPatch
2010-02-03 15:50:58 ----D---- C:\Users\lucinka\AppData\Roaming\ICQ
2010-02-03 15:46:05 ----D---- C:\Users\lucinka\AppData\Roaming\Mozilla
2010-02-03 14:27:39 ----SHD---- C:\System Volume Information
2010-01-31 14:34:20 ----D---- C:\Windows\rescache
2010-01-30 08:39:24 ----D---- C:\Windows\winsxs
2010-01-29 17:35:20 ----D---- C:\Windows\system32\catroot2
2010-01-29 13:01:46 ----D---- C:\Windows\system32\migration
2010-01-29 13:01:46 ----D---- C:\Program Files\Internet Explorer
2010-01-29 13:01:45 ----D---- C:\Windows\system32\cs-CZ
2010-01-29 13:01:43 ----D---- C:\Windows\system32\en-US
2010-01-29 13:01:43 ----D---- C:\Windows\PolicyDefinitions
2010-01-19 19:41:13 ----D---- C:\Program Files\Windows Mail
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-05 19:22:53 ----D---- C:\Program Files\ICQ6.5
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-06 761856]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-09-10 19456]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-09-10 29184]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-09-18 80424]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-09-18 80936]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-09-18 16168]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-01-25 25280]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-04 7606688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 aqxcf1to;aqxcf1to; C:\Windows\system32\drivers\aqxcf1to.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-09-10 220160]
S3 catchme;catchme; \??\C:\Users\lucinka\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-04 203296]
R2 PnkBstrA;PunkBuster; C:\Program Files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-09-30 271760]
R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-09-30 112016]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: slow PC, spam, web browser throws errors

#6 Post by motji »

If it is not there already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it

Code:

Folder::
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\ICQ6Toolbar
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=-
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=- 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
DDS::
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop


- save the TXT file you created to the desktop as CFScript.txt
- once it is saved, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it

- after it has run, another log will come up; paste it here

Warning: it may happen that after the script is applied and the machine restarts, Windows does not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
Do not use COMBOFIX without an adviser's recommendation; the system may be damaged!
Always back up important data before disinfecting the computer!

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

pidalka
Visitor
Posts: 75
Registered: 03 Feb 2010 16:01

Re: slow PC, spam, web browser throws errors

#7 Post by pidalka »

here it is..

ComboFix 10-02-02.08 - lucinka 04.02.2010 14:45:45.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.2046.1378 [GMT 1:00]
Spuštěný z: c:\users\lucinka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\lucinka\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090530-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1335 [VPS 090530-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\Resources\about.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.png
c:\program files\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files\DAEMON Tools Toolbar\Resources\b1.bmp
c:\program files\DAEMON Tools Toolbar\Resources\b1.png
c:\program files\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\cond000.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond001.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond003.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond004.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond005.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond006.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond007.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond008.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond009.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond010.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond011.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond019.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond020.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond021.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond022.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond023.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond024.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond025.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond026.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond037.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond038.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond039.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond040.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond041.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond046.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond048.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond050.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond051.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond052.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond053.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond054.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond055.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond056.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond057.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond058.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond059.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond060.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond061.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond062.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond063.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond064.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond065.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond066.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond067.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond068.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond069.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond075.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond076.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond077.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond078.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond079.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond080.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond084.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond085.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond086.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond087.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond088.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond089.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond090.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond091.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond092.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond093.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond094.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond095.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond108.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond109.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond110.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond111.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond112.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond113.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond120.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond121.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond122.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond126.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond127.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond128.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond129.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond130.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond131.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond132.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond133.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond134.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond135.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond136.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond137.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond138.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond140.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond141.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond142.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond143.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond148.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond149.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond152.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond154.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond155.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond156.gif
c:\program files\DAEMON Tools Toolbar\Resources\cond157.gif
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\noW.gif
c:\program files\DAEMON Tools Toolbar\Resources\op.ico
c:\program files\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files\DAEMON Tools Toolbar\Resources\time.ico
c:\program files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\u.ico
c:\program files\DAEMON Tools Toolbar\Resources\wb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files\DAEMON Tools Toolbar\uninst.exe
c:\program files\ICQ6.5\ICQLRun.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ICQ Service


((((((((((((((((((((((((( Soubory vytvořené od 2010-01-04 do 2010-02-04 )))))))))))))))))))))))))))))))
.

2010-02-04 14:00 . 2010-02-04 14:06 -------- d-----w- c:\users\lucinka\AppData\Local\temp
2010-02-04 14:00 . 2010-02-04 14:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-04 14:00 . 2010-02-04 14:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-04 13:28 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-04 13:28 . 2010-02-04 13:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-04 13:28 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-03 16:55 . 2010-02-03 16:55 -------- d-----w- c:\users\lucinka\AppData\Roaming\Malwarebytes
2010-02-03 16:55 . 2010-02-03 16:55 -------- d-----w- c:\programdata\Malwarebytes
2010-02-03 15:28 . 2010-02-03 15:29 -------- d-----w- C:\rsit
2010-02-03 14:45 . 2010-02-03 14:45 -------- d-----w- c:\users\lucinka\AppData\Local\Mozilla
2010-01-29 11:41 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-14 18:42 . 2009-10-19 14:27 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-14 18:42 . 2009-10-19 14:24 72704 ----a-w- c:\windows\system32\fontsub.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-04 14:01 . 2008-04-17 16:41 836 ----a-w- c:\windows\bthservsdp.dat
2010-02-04 13:59 . 2009-07-14 14:55 -------- d-----w- c:\program files\ICQ6.5
2010-02-04 13:44 . 2008-02-26 01:24 598838 ----a-w- c:\windows\system32\perfh005.dat
2010-02-04 13:44 . 2008-02-26 01:24 115014 ----a-w- c:\windows\system32\perfc005.dat
2010-02-03 23:38 . 2008-02-25 17:20 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-03 23:09 . 2008-02-25 17:20 -------- d-----w- c:\programdata\Symantec
2010-02-03 14:52 . 2009-02-06 07:11 28029 ----a-w- c:\programdata\nvModes.dat
2010-02-03 14:50 . 2008-09-10 19:26 -------- d-----w- c:\users\lucinka\AppData\Roaming\ICQ
2010-01-19 18:41 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-14 10:12 . 2009-10-03 18:36 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-02 06:38 . 2010-01-29 11:44 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-29 11:44 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-29 11:44 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-29 11:44 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-19 12:15 . 2009-12-19 12:15 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-11-09 13:22 . 2009-12-13 21:04 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 13:20 . 2009-12-13 21:04 31232 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 11:04 . 2009-12-13 21:04 411136 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-07 13:33 . 2009-11-07 13:33 1961720 ----a-w- c:\users\lucinka\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2008-02-26 01:52 . 2008-02-26 01:41 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 2153472]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2008-10-19 243072]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-03 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [1.4.2009 10:04 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [1.4.2009 10:04 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [1.4.2009 10:03 51792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-01-26 c:\windows\Tasks\HPCeeScheduleForlucinka.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-02-25 10:58]

2010-02-04 c:\windows\Tasks\User_Feed_Synchronization-{D0774B5A-4964-43B1-BDE3-6D89D13484CB}.job
- c:\windows\system32\msfeedssync.exe [2010-01-29 04:56]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.incredimail.com/english/
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: {621D6D99-255D-4BBC-BCC3-B478B3D543D2} = 213.226.224.12,194.213.224.1
FF - ProfilePath - c:\users\lucinka\AppData\Roaming\Mozilla\Firefox\Profiles\99sq4urz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-04 15:05
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x84A191F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x87fa8322
\Driver\ACPI -> acpi.sys @ 0x80741d4c
\Driver\atapi -> 0x84a191f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5136)
c:\program files\IncrediMail\bin\B4ImApp.dll
c:\windows\system32\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\conime.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\IncrediMail\bin\IMApp.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
.
**************************************************************************
.
Celkový čas: 2010-02-04 15:17:08 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-04 14:17
ComboFix2.txt 2010-02-03 16:33

Před spuštěním: Volných bajtů: 79 504 539 648
Po spuštění: Volných bajtů: 79 315 357 696

- - End Of File - - EC14135B18075EE353723233D6D84BCF

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: slow PC, spam, web browser throws errors

#8 Post by motji »

How is the computer doing now?

:arrow: Do you use Daemon or Alcohol?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
