Často (téměř vždy) se stává, že po zasunutí flešky mi kaspersky hlásí že na flešce jsou trojani v souborech autorun a nějakých dalších souborech .exe, které se vždy jmenujou jinak a jsou v kořenovém adresáři na flešce. Ty soubory se tam podle mě tvoří nějak náhodně.
Nevím jestli v mém počítači nemám nějakou havěť a ta mi infikuje flešky, protože je to pořád dokola a nemůžu se toho zbavit.
Proto zde vkládám svůj log a prosím o kontrolu.
Díky
Logfile of random's system information tool 1.06 (written by random/random)
Run by Honza at 2010-03-09 15:08:15
Microsoft« Windows VistaÖ Ultimate Service Pack 1
System drive C: has 9 GB (6%) free of 150 GB
Total RAM: 2559 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:08:22, on 9.3.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\totalcmd\TOTALCMD.EXE
D:\RSIT.exe
C:\Program Files (x86)\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Pomocnß slu×ba pro p°ihlßÜenÝ ke slu×bý Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CCC.lnk = ?
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: P°evÚst cÝl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: P°evÚst do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: P°idat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: P°ipojit cÝl vazby k existujÝcÝmu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: P°ipojit k existujÝcÝmu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &VirtußlnÝ klßvesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009\RpcAgentSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Unknown owner - C:\Windows\System32\StkCSrv.exe (file missing)
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Slu×ba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12906 bytes
======Scheduled tasks folder======
C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocnß slu×ba pro p°ihlßÜenÝ ke slu×bý Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-08-27 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-12-21 349640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"RemoteControl8"=C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [2008-10-27 91432]
"AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2009-03-11 611712]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-12-21 640440]
"Adobe_ID0ENQBO"=C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE [2008-08-15 378224]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2007-10-19 286720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-18 1555968]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"AlcoholAutomount"=C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 138240]
"AnyDVD"=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [2009-03-19 2300864]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21f4a992-bd52-11de-ad7c-0018f32faa1c}]
shell\AutoRun\command - G:\ej10fkdo.bat
shell\open\command - G:\ej10fkdo.bat
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{384f5868-d058-11dd-a7d3-0018f32faa1c}]
shell\AutoRun\command - G:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e393fbc3-2c2e-11de-8c47-0018f32faa1c}]
shell\AutoRun\command - G:\WDSetup.exe
======File associations======
.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-03-09 15:08:15 ----D---- C:\rsit
2010-03-02 14:42:22 ----A---- C:\Windows\system32\jscript.dll
2010-03-02 14:41:44 ----A---- C:\Windows\system32\tzres.dll
2010-03-02 14:40:49 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-03-02 14:40:49 ----A---- C:\Windows\system32\RMActivate.exe
2010-03-02 14:40:47 ----A---- C:\Windows\system32\secproc.dll
2010-03-02 14:40:47 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-03-02 14:40:47 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-03-02 14:40:46 ----A---- C:\Windows\system32\secproc_isv.dll
2010-03-02 14:40:43 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-03-02 14:40:43 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-03-02 14:40:43 ----A---- C:\Windows\system32\msdrm.dll
2010-02-14 11:13:12 ----D---- C:\ProgramData\ACD Systems
2010-02-10 14:15:39 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 14:15:35 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 14:15:34 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 14:15:34 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 14:15:33 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 14:15:33 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 14:15:32 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 14:15:32 ----A---- C:\Windows\system32\avicap32.dll
2010-02-10 14:15:31 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 14:15:31 ----A---- C:\Windows\system32\avifil32.dll
======List of files/folders modified in the last 1 months======
2010-03-09 15:08:22 ----D---- C:\Windows\Temp
2010-03-09 15:08:22 ----D---- C:\Windows\Prefetch
2010-03-09 15:08:18 ----D---- C:\Program Files (x86)\trend micro
2010-03-09 15:07:32 ----D---- C:\Windows\Tasks
2010-03-09 15:04:50 ----D---- C:\ProgramData\Kaspersky Lab
2010-03-09 15:03:59 ----AD---- C:\Windows
2010-03-09 14:56:18 ----D---- C:\Windows\System32
2010-03-09 14:56:18 ----D---- C:\Windows\inf
2010-03-09 14:37:46 ----D---- C:\Rapidshare
2010-03-09 14:17:16 ----SHD---- C:\System Volume Information
2010-03-09 14:01:20 ----A---- C:\Windows\NeroDigital.ini
2010-03-03 22:53:03 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2010-03-03 21:55:53 ----D---- C:\Users\Honza\AppData\Roaming\skypePM
2010-03-02 19:31:37 ----D---- C:\Windows\rescache
2010-03-02 18:08:18 ----D---- C:\Windows\SysWOW64
2010-03-02 18:08:18 ----D---- C:\Windows\system32\cs-CZ
2010-03-02 18:08:08 ----RSD---- C:\Windows\Fonts
2010-03-02 14:49:32 ----D---- C:\Windows\winsxs
2010-02-14 11:15:07 ----SHD---- C:\Windows\Installer
2010-02-14 11:13:24 ----D---- C:\Program Files (x86)\Common Files\ACD Systems
2010-02-14 11:13:12 ----HD---- C:\ProgramData
2010-02-10 17:21:34 ----D---- C:\Program Files (x86)\Windows Mail
2010-02-10 14:21:40 ----D---- C:\Windows\Debug
2010-02-10 14:20:45 ----D---- C:\ProgramData\Microsoft Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys []
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-02-01 32240]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-04 86584]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-12-02 119744]
R3 CmBatt;OvladaŔ baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys []
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []
R3 NETw3v64;OvladaŔ adaptÚru Intel(R) PRO/Wireless 3945ABG pro Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw3v64.sys []
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys []
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 toshidpt;Bluetooth HID Port; C:\Windows\system32\drivers\Toshidpt.sys []
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys []
R3 Tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys []
R3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys []
R3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys []
R3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys []
R3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys []
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2006-12-21 12656]
S1 eusk2par;EUTRON SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par.sys [2004-11-18 24786]
S2 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Users\Honza\AppData\Local\Temp\HWInfo\HWiNFO64A.SYS []
S3 agvbyyh3;agvbyyh3; C:\Windows\system32\drivers\agvbyyh3.sys []
S3 BthEnum;OvladaŔ pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BthPan;Za°ÝzenÝ Bluetooth (sÝŁ PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;OvladaŔ portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;OvladaŔ rozhranÝ USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 drmkaud;DekodÚr zvuk¨ DRM jßdra spoleŔnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;OvladaŔ funkce Microsoft 1.1 UAA pro slu×bu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MMIOPORT;MMIOPORT; \??\C:\Windows\system32\drivers\MMIOPORT.sys [2000-03-03 7424]
S3 MSKSSRV;Server proxy slu×by datovřch proud¨ Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datovřch proud¨ Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy sprßvce kvality datovřch proud¨ Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jÝmka-jÝmka typu T datovřch proud¨ Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 NETw4v64;OvladaŔ adaptÚru Intel(R) Wireless WiFi Link pro systÚm Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw4v64.sys []
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys []
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys []
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RFCOMM;Za°ÝzenÝ Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009\WNt500x64\Sandra.sys [2008-07-29 22432]
S3 SIVDRIVER;SIV Kernel Driver; \??\C:\Windows\system32\Drivers\SIVX64.sys []
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usb_rndisx;AdaptÚr USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 usbscan;OvladaŔ skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys []
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\Windows\system32\DRIVERS\wceusbsh.sys []
S3 WINUSB;OvladaŔ WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 AVP;Kaspersky Internet Security; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 BBDemon;Backbone Service; C:\Program Files (x86)\Dassault Systemes\B18\intel_a\code\bin\CATSysDemon.exe [2007-07-03 36864]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1181328]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe []
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 153088]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe []
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 2297216]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2009-03-12 288112]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-26 85096]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-06-04 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-04 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-18 19968]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009\RpcAgentSrv.exe [2008-09-01 98488]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
-----------------EOF-----------------
Zapojte do pc všechny 
Nebo si myslíte, že se to zhoršilo právě po jeho použití? 
.
záložka 
Přispějete na provoz fóra?