Dlouhé načítaní windows Vista

[SkillHead]

Ahok Začali se mi dlouho načítat Visty, tak proto prosím o kontrolu. Můj antivir nic nenašel ani Malwarebytes´ Anti-Malware a stále se mi to nezdá, tak prosím o kontrolu, moc děkuju
Logfile of random's system information tool 1.06 (written by random/random)
Run by Junior at 2010-03-21 08:09:08
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 163 GB (53%) free of 305 GB
Total RAM: 2046 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:28, on 21.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Junior\Program Files\DNA\btdna.exe
C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Junior\Desktop\RSIT.exe
C:\Program Files\trend micro\Junior.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Junior\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Junior\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Junior\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Pando Media Booster] "C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

--
End of file - 10854 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-273610277-679555191-1394931262-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-273610277-679555191-1394931262-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-09-24 756840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-02-28 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Junior\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-03-16 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-08-08 691656]

{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-02-28 798771]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]
"TrojanScanner"=C:\Program Files\Trojan Remover\Trjscan.exe [2010-03-13 1070984]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=c:\program files\steam\steam.exe [2010-03-14 1217872]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"BitTorrent DNA"=C:\Users\Junior\Program Files\DNA\btdna.exe [2009-11-07 323392]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2009-05-06 2920264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\JM\JMInsIDE.exe [2006-10-30 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAM Idle Professional]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoToolbarCustomize"=0
"NoBandCustomize"=0
"NoResolveSearch"=1
"NoResolveTrack"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoToolbarCustomize"=
"NoBandCustomize"=
"NoDriveTypeAutoRun"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8cee052a-8b44-11dd-8380-001fc608264c}]
shell\AutoRun\command - I:\Razor1911_Installer.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-03-21 08:09:10 ----D---- C:\Program Files\trend micro
2010-03-21 08:09:08 ----D---- C:\rsit
2010-03-21 07:55:11 ----A---- C:\Windows\ntbtlog.txt
2010-03-20 22:38:35 ----A---- C:\Windows\system32\imageres.dll
2010-03-20 22:37:48 ----D---- C:\ProgramData\Stardock
2010-03-20 22:37:40 ----D---- C:\Program Files\Stardock
2010-03-20 22:25:33 ----D---- C:\Program Files\Xobni
2010-03-20 22:24:18 ----D---- C:\Users\Junior\AppData\Roaming\OpenCandy
2010-03-20 22:08:50 ----D---- C:\Program Files\RivaTuner v2.23
2010-03-20 20:39:33 ----D---- C:\Qoobox
2010-03-20 18:19:57 ----D---- C:\Program Files\CleanMyPC
2010-03-20 18:06:24 ----D---- C:\Users\Junior\AppData\Roaming\CleanMyPC Software
2010-03-20 17:52:39 ----D---- C:\Program Files\Advanced Registry Doctor
2010-03-20 11:30:02 ----D---- C:\Program Files\Amic Utilities
2010-03-20 11:22:25 ----D---- C:\Windows\Speeditup Free
2010-03-20 11:22:25 ----D---- C:\Program Files\Speeditup Free
2010-03-20 11:11:30 ----D---- C:\Program Files\Windows Doctor
2010-03-20 08:03:57 ----D---- C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2010-03-20 08:03:27 ----D---- C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2010-03-20 07:41:02 ----D---- C:\Program Files\METRO 2033
2010-03-19 19:35:36 ----D---- C:\Program Files\QIP Infium
2010-03-18 13:19:20 ----D---- C:\Windows\LastGood
2010-03-18 13:13:06 ----D---- C:\Windows\LastGood.Tmp
2010-03-17 16:27:35 ----D---- C:\Users\Junior\AppData\Roaming\Uniblue
2010-03-17 16:05:41 ----D---- C:\Users\Junior\AppData\Roaming\DriverCure
2010-03-17 16:05:34 ----D---- C:\ProgramData\ParetoLogic
2010-03-17 16:05:34 ----D---- C:\ProgramData\DriverCure
2010-03-17 16:05:34 ----D---- C:\Program Files\Common Files\ParetoLogic
2010-03-16 17:03:44 ----D---- C:\Program Files\Ventrilo
2010-03-16 16:19:43 ----A---- C:\Windows\system32\TURegOpt.exe
2010-03-16 16:19:42 ----A---- C:\Windows\system32\uxtuneup.dll
2010-03-16 16:19:42 ----A---- C:\Windows\system32\authuitu.dll
2010-03-16 16:19:03 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-03-15 17:49:06 ----A---- C:\Windows\system32\autoscan.dll
2010-03-15 14:52:50 ----D---- C:\Program Files\Yamicsoft
2010-03-15 14:43:45 ----D---- C:\Users\Junior\AppData\Roaming\Smart PC Solutions
2010-03-15 14:43:03 ----D---- C:\Program Files\TweakRAM
2010-03-14 16:25:18 ----D---- C:\ProgramData\PC Optimizer Pro
2010-03-14 16:25:14 ----D---- C:\Program Files\PC Optimizer Pro
2010-03-14 16:02:18 ----A---- C:\Windows\system32\wbhelp2.dll
2010-03-14 16:02:16 ----A---- C:\Windows\system32\W95INF32.DLL
2010-03-14 16:02:16 ----A---- C:\Windows\system32\W95INF16.DLL
2010-03-14 16:02:16 ----A---- C:\Windows\system32\unicows.dll
2010-03-14 16:02:16 ----A---- C:\Windows\system32\anim.dll
2010-03-14 14:14:57 ----D---- C:\Alien vs. Predator 2010
2010-03-14 10:28:55 ----D---- C:\Users\Junior\AppData\Roaming\Tific
2010-03-14 10:28:01 ----D---- C:\Program Files\Symantec
2010-03-14 10:28:01 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-03-14 10:27:46 ----D---- C:\Program Files\Norton Internet Security
2010-03-14 10:27:38 ----D---- C:\Program Files\NortonInstaller
2010-03-14 09:48:38 ----D---- C:\ProgramData\Norton
2010-03-14 09:48:31 ----D---- C:\ProgramData\NortonInstaller
2010-03-13 20:07:26 ----D---- C:\Program Files\QuickTime
2010-03-13 20:07:25 ----D---- C:\ProgramData\Apple Computer
2010-03-13 20:02:42 ----D---- C:\Program Files\Common Files\Apple
2010-03-13 20:02:06 ----D---- C:\Program Files\Apple Software Update
2010-03-13 20:02:05 ----D---- C:\ProgramData\Apple
2010-03-13 15:13:56 ----A---- C:\Windows\system32\NVStWiz.exe
2010-03-13 14:46:41 ----AD---- C:\Guru3D.com
2010-03-13 14:15:37 ----A---- C:\Users\Junior\AppData\Roaming\PStrip.ini
2010-03-13 13:16:38 ----D---- C:\Program Files\AMD
2010-03-13 12:54:55 ----D---- C:\Program Files\Mozilla Firefox
2010-03-13 11:23:56 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-13 09:49:43 ----A---- C:\Windows\system32\ztvunrar36.dll
2010-03-13 09:49:43 ----A---- C:\Windows\system32\ztvunace26.dll
2010-03-13 09:49:43 ----A---- C:\Windows\system32\ztvcabinet.dll
2010-03-13 09:49:43 ----A---- C:\Windows\system32\UNRAR3.dll
2010-03-13 09:49:43 ----A---- C:\Windows\system32\unacev2.dll
2010-03-13 09:49:42 ----D---- C:\Users\Junior\AppData\Roaming\Simply Super Software
2010-03-13 09:49:42 ----D---- C:\Program Files\Trojan Remover
2010-03-11 16:01:31 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 16:01:25 ----A---- C:\Windows\system32\httpapi.dll
2010-03-10 21:58:47 ----SHD---- C:\Windows\system32\%APPDATA%
2010-03-10 15:20:23 ----D---- C:\Program Files\Sophos
2010-02-28 10:32:02 ----A---- C:\Windows\WTRDCTM.INI
2010-02-28 10:28:44 ----D---- C:\TRANSLAT
2010-02-28 10:28:39 ----D---- C:\ProgramData\LangSoft
2010-02-28 10:28:28 ----D---- C:\Users\Junior\AppData\Roaming\LangSoft
2010-02-24 18:31:32 ----D---- C:\Program Files\COMODO
2010-02-24 08:48:32 ----DC---- C:\Windows\system32\DRVSTORE
2010-02-24 08:46:25 ----D---- C:\Program Files\Windows Live SkyDrive
2010-02-24 08:38:54 ----D---- C:\Program Files\Common Files\Windows Live
2010-02-24 08:36:50 ----D---- C:\Program Files\Microsoft
2010-02-24 08:06:01 ----A---- C:\Windows\system32\jscript.dll
2010-02-24 08:05:53 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 08:05:10 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 08:05:09 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 08:04:51 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 08:04:49 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 08:04:49 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 08:04:48 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 08:04:46 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 08:04:45 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 08:04:44 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 08:04:39 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 08:04:36 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-24 08:04:36 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-22 18:39:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of files/folders modified in the last 1 months======

2010-03-21 08:09:10 ----RD---- C:\Program Files
2010-03-21 08:09:06 ----D---- C:\Windows\Temp
2010-03-21 08:06:09 ----D---- C:\Users\Junior\AppData\Roaming\DNA
2010-03-21 07:56:37 ----D---- C:\Program Files\Steam
2010-03-21 07:56:17 ----SHD---- C:\Windows\Installer
2010-03-21 07:55:29 ----D---- C:\ProgramData\NVIDIA
2010-03-21 07:55:11 ----D---- C:\Windows
2010-03-21 07:55:06 ----SHD---- C:\System Volume Information
2010-03-20 22:38:35 ----D---- C:\Windows\System32
2010-03-20 22:37:48 ----HD---- C:\ProgramData
2010-03-20 22:35:27 ----D---- C:\Windows\system32\en-US
2010-03-20 22:35:26 ----D---- C:\Windows\system32\cs-CZ
2010-03-20 22:30:11 ----D---- C:\Users\Junior\AppData\Roaming\BitTorrent
2010-03-20 22:26:15 ----D---- C:\Windows\Microsoft.NET
2010-03-20 22:26:03 ----RSD---- C:\Windows\assembly
2010-03-20 22:25:19 ----SD---- C:\Users\Junior\AppData\Roaming\Microsoft
2010-03-20 18:35:40 ----D---- C:\Windows\Tasks
2010-03-20 18:32:10 ----SHD---- C:\Boot
2010-03-20 18:32:10 ----D---- C:\Windows\system32\config
2010-03-20 18:26:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-03-20 18:21:01 ----D---- C:\Users\Junior\AppData\Roaming\Skype
2010-03-20 18:20:58 ----D---- C:\Users\Junior\AppData\Roaming\skypePM
2010-03-20 18:09:48 ----AD---- C:\ProgramData\TEMP
2010-03-20 18:02:25 ----D---- C:\Program Files\IObit
2010-03-20 13:08:03 ----D---- C:\Windows\system32\catroot2
2010-03-20 11:32:54 ----D---- C:\Program Files\WinRAR
2010-03-20 08:05:11 ----D---- C:\Windows\inf
2010-03-20 08:03:53 ----D---- C:\Program Files\AGEIA Technologies
2010-03-20 08:03:52 ----D---- C:\Program Files\NVIDIA Corporation
2010-03-20 08:03:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-03-20 08:02:40 ----D---- C:\Windows\system32\catroot
2010-03-19 19:59:03 ----D---- C:\Windows\system32\drivers
2010-03-19 19:35:18 ----D---- C:\Users\Junior\AppData\Roaming\ICQ
2010-03-19 13:50:12 ----D---- C:\Users\Junior\AppData\Roaming\SUPERAntiSpyware.com
2010-03-19 13:50:09 ----D---- C:\Program Files\SUPERAntiSpyware
2010-03-18 20:10:06 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-18 12:56:05 ----D---- C:\Users\Junior\AppData\Roaming\IObit
2010-03-17 16:35:48 ----D---- C:\Windows\system32\Tasks
2010-03-17 16:05:34 ----D---- C:\Program Files\Common Files
2010-03-15 18:17:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-14 15:09:20 ----D---- C:\Program Files\Common Files\Steam
2010-03-14 14:37:13 ----D---- C:\Windows\system32\directx
2010-03-14 09:44:45 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-03-14 09:44:45 ----D---- C:\ProgramData\Kaspersky Lab
2010-03-13 22:47:32 ----D---- C:\Program Files\Speccy
2010-03-13 18:19:42 ----D---- C:\Windows\Prefetch
2010-03-13 13:28:20 ----D---- C:\Program Files\ESET
2010-03-13 12:55:45 ----D---- C:\Users\Junior\AppData\Roaming\Mozilla
2010-03-13 12:35:19 ----D---- C:\Program Files\Opera 10.50 Beta
2010-03-13 12:31:43 ----D---- C:\Users\Junior\AppData\Roaming\Real
2010-03-13 12:31:43 ----D---- C:\Program Files\Common Files\Real
2010-03-13 12:29:30 ----D---- C:\Windows\winsxs
2010-03-13 09:11:40 ----D---- C:\Windows\Debug
2010-03-13 09:11:03 ----D---- C:\Program Files\CCleaner
2010-03-11 18:26:46 ----D---- C:\Program Files\ICQ7.0
2010-03-11 17:12:58 ----D---- C:\Program Files\7-Zip
2010-03-11 17:02:47 ----RD---- C:\Program Files\Skype
2010-03-11 17:02:44 ----D---- C:\ProgramData\Skype
2010-03-11 16:59:10 ----D---- C:\Program Files\mIRC
2010-03-11 16:13:27 ----D---- C:\Program Files\Windows Mail
2010-03-11 16:13:27 ----D---- C:\Program Files\Movie Maker
2010-03-11 16:10:44 ----D---- C:\ProgramData\Microsoft Help
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-02-26 13:07:27 ----D---- C:\PerfLogs
2010-02-25 21:10:36 ----D---- C:\Users\Junior\AppData\Roaming\Opera
2010-02-25 17:59:39 ----D---- C:\Program Files\Opera
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-24 08:48:40 ----D---- C:\Windows\rescache
2010-02-24 08:47:55 ----SD---- C:\ProgramData\Microsoft
2010-02-24 08:36:57 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-24 08:27:49 ----D---- C:\Windows\AppPatch
2010-02-24 08:27:48 ----RSD---- C:\Windows\Fonts
2010-02-23 19:34:21 ----D---- C:\Users\Junior\AppData\Roaming\mIRC
2010-02-23 12:05:08 ----D---- C:\Users\Junior\AppData\Roaming\Ventrilo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHDrvx86.sys [2010-02-11 536112]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NIS\1105000.07F\ccHPx86.sys [2009-12-09 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-03-14 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSvix86.sys [2009-10-28 343088]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2010-02-17 66632]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1105000.07F\SRTSP.SYS [2009-12-03 325168]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1105000.07F\SRTSPX.SYS [2009-12-03 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2009-12-03 44080]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1105000.07F\Ironx86.SYS [2009-11-26 116272]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1105000.07F\SYMTDIV.SYS [2009-11-22 340016]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-01-15 318464]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-03-14 102448]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-01-07 19160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\NAVENG.SYS [2010-03-14 84912]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\NAVEX15.SYS [2010-03-14 1324720]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-08-01 1052704]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-03-14 124976]
R3 tenCapture;tenCapture; C:\Windows\system32\DRIVERS\tenCapture.sys [2007-04-21 9344]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
S2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []
S3 aw9i8ogh;aw9i8ogh; C:\Windows\system32\drivers\aw9i8ogh.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-12-22 25280]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\Windows\system32\2C1E.tmp []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.23\RivaTuner32.sys [2009-02-15 9088]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2009-11-26 34384]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2010-03-15 23600]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 wrssweep;Webroots Volume Access Driver; \??\C:\Program Files\Webroot\Washer\wrssweep.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [2009-12-09 126392]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-01-11 240232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2010-01-28 50176]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-03-14 332720]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-09-26 85096]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-04-28 2806062]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-03-16 435016]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S4 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

-----------------EOF-----------------

[Rudy]

Zkuste ještě čištění CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 . V logu nic nebezpečného není vidět.

[SkillHead]

To už jsem taky zkoušel. Napadlo mě nějaký zákeřný vir v ramce, ale čím to zkontrolovat?

[Rudy]

Udělejte sken Combofix a dejte log:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[SkillHead]

Tady to je
ComboFix 10-03-19.08 - Junior 21.03.2010 12:45:55.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1306 [GMT 1:00]
Spuštěný z: c:\users\Junior\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
C:\install.exe
c:\windows\system32\autoscan.dll
c:\windows\system32\Connect.dll
c:\windows\system32\H

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-21 do 2010-03-21 )))))))))))))))))))))))))))))))
.

2010-03-21 11:54 . 2010-03-21 11:55 -------- d-----w- c:\users\Junior\AppData\Local\temp
2010-03-21 11:54 . 2010-03-21 11:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-21 11:05 . 2010-03-21 11:05 -------- d-----w- c:\windows\$regcmp$
2010-03-21 07:09 . 2010-03-21 07:09 -------- d-----w- c:\program files\trend micro
2010-03-21 07:09 . 2010-03-21 07:09 -------- d-----w- C:\rsit
2010-03-21 07:06 . 2010-03-14 09:41 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\NAVENG.SYS
2010-03-21 07:06 . 2010-03-14 09:41 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\NAVENG32.DLL
2010-03-21 07:06 . 2010-03-14 09:41 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\NAVEX32A.DLL
2010-03-21 07:06 . 2010-03-14 09:41 1324720 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\NAVEX15.SYS
2010-03-21 07:05 . 2010-03-14 09:41 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\EECTRL.SYS
2010-03-21 07:05 . 2010-03-14 09:41 2747440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\CCERASER.DLL
2010-03-21 07:05 . 2010-03-14 09:41 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\ECMSVR32.DLL
2010-03-21 07:05 . 2010-03-14 09:41 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.022\ERASER.SYS
2010-03-20 21:38 . 2010-03-20 21:38 16294912 ----a-w- c:\windows\system32\imageres.dll
2010-03-20 21:37 . 2010-03-20 21:37 -------- d-----w- c:\programdata\Stardock
2010-03-20 21:37 . 2010-03-20 21:37 -------- d-----w- c:\program files\Stardock
2010-03-20 21:26 . 2010-03-20 21:27 -------- d-----w- c:\users\Junior\AppData\Local\Xobni
2010-03-20 21:25 . 2010-03-20 21:26 -------- d-----w- c:\program files\Xobni
2010-03-20 21:24 . 2010-03-20 21:27 -------- d-----w- c:\users\Junior\AppData\Local\OpenCandy
2010-03-20 21:24 . 2010-03-21 06:55 -------- d-----w- c:\users\Junior\AppData\Roaming\OpenCandy
2010-03-20 21:24 . 2010-03-20 21:24 264106 ----a-w- c:\users\Junior\AppData\Roaming\OpenCandy\Ddlmgr2Xobni.exe
2010-03-20 21:09 . 2010-03-20 21:19 -------- d-----w- c:\users\Junior\AppData\Local\GPUMonitor
2010-03-20 21:08 . 2010-03-20 21:08 -------- d-----w- c:\program files\RivaTuner v2.23
2010-03-20 17:19 . 2010-03-20 17:19 -------- d-----w- c:\program files\CleanMyPC
2010-03-20 17:06 . 2010-03-20 17:06 -------- d-----w- c:\users\Junior\AppData\Roaming\CleanMyPC Software
2010-03-20 16:52 . 2010-03-20 16:52 -------- d-----w- c:\program files\Advanced Registry Doctor
2010-03-20 10:30 . 2010-03-20 10:30 -------- d-----w- c:\program files\Amic Utilities
2010-03-20 10:22 . 2010-03-20 10:22 -------- d-----w- c:\program files\Speeditup Free
2010-03-20 10:22 . 2010-03-20 10:22 -------- d-----w- c:\windows\Speeditup Free
2010-03-20 10:11 . 2010-03-20 10:11 -------- d-----w- c:\program files\Windows Doctor
2010-03-20 09:54 . 2010-03-20 09:54 -------- d-----w- c:\users\Junior\AppData\Local\Apple Computer
2010-03-20 07:07 . 2010-03-20 07:07 -------- d-----w- c:\users\Junior\AppData\Local\4A Games
2010-03-20 07:03 . 2010-03-20 07:03 -------- d-----w- c:\windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2010-03-20 07:03 . 2010-03-20 07:03 -------- d-----w- c:\windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2010-03-20 06:41 . 2010-03-20 06:56 -------- d-----w- c:\program files\METRO 2033
2010-03-19 18:35 . 2010-03-16 15:45 149968 ----a-w- c:\users\Junior\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
2010-03-19 18:35 . 2010-03-19 18:35 -------- d-----w- c:\program files\QIP Infium
2010-03-18 12:19 . 2010-03-20 07:02 -------- d-----w- c:\windows\LastGood
2010-03-18 12:13 . 2010-03-18 12:13 -------- d-----w- c:\windows\LastGood.Tmp
2010-03-17 15:27 . 2010-03-17 15:27 -------- d-----w- c:\users\Junior\AppData\Roaming\Uniblue
2010-03-17 15:24 . 2010-03-17 15:24 125952 ----a-w- c:\programdata\ParetoLogic\UUS2\Temp\Update.exe
2010-03-17 15:05 . 2010-03-17 15:22 -------- d-----w- c:\users\Junior\AppData\Roaming\DriverCure
2010-03-17 15:05 . 2010-03-17 15:24 -------- d-----w- c:\programdata\DriverCure
2010-03-17 15:05 . 2010-03-17 15:05 -------- d-----w- c:\programdata\ParetoLogic
2010-03-17 15:05 . 2010-03-17 15:05 -------- d-----w- c:\program files\Common Files\ParetoLogic
2010-03-16 16:03 . 2010-03-16 16:03 -------- d-----w- c:\program files\Ventrilo
2010-03-16 15:19 . 2010-02-25 10:03 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-03-16 15:19 . 2010-02-25 09:56 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-16 15:19 . 2010-02-25 09:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-03-16 15:19 . 2010-03-16 15:19 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-03-16 04:47 . 2010-03-16 04:47 620032 ----a-w- c:\users\Junior\AppData\Roaming\OpenCandy\Xobni_Installed.exe
2010-03-16 04:47 . 2010-03-16 04:47 5693448 ----a-w- c:\users\Junior\AppData\Roaming\OpenCandy\Xobni_OC_3.exe
2010-03-15 14:52 . 2010-03-20 06:57 -------- d-----w- c:\users\Junior\AppData\Local\CrashDumps
2010-03-15 13:52 . 2010-03-15 13:52 -------- d-----w- c:\program files\Yamicsoft
2010-03-15 13:43 . 2010-03-15 13:48 -------- d-----w- c:\users\Junior\AppData\Roaming\Smart PC Solutions
2010-03-15 13:43 . 2010-03-15 13:48 -------- d-----w- c:\program files\TweakRAM
2010-03-15 13:31 . 2010-03-15 13:31 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2010-03-15 13:12 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSvix86.sys
2010-03-15 13:12 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSXpx86.sys
2010-03-15 13:12 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\Scxpx86.dll
2010-03-15 13:12 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSxpx86.dll
2010-03-15 13:12 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSviA64.sys
2010-03-14 15:25 . 2010-03-14 15:43 -------- d-----w- c:\programdata\PC Optimizer Pro
2010-03-14 15:25 . 2010-03-14 17:09 -------- d-----w- c:\program files\PC Optimizer Pro
2010-03-14 15:02 . 2007-06-05 10:26 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2010-03-14 15:02 . 2007-08-31 11:52 33968 ----a-w- c:\windows\system32\anim.dll
2010-03-14 15:02 . 2004-12-07 09:11 258352 ----a-w- c:\windows\system32\unicows.dll
2010-03-14 15:02 . 1999-11-22 14:50 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2010-03-14 15:02 . 1999-11-22 14:50 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2010-03-14 13:44 . 2010-03-14 13:44 -------- d-----w- c:\users\Junior\AppData\Local\AliensVsPredator
2010-03-14 13:14 . 2010-03-14 13:17 -------- d-----w- C:\Alien vs. Predator 2010
2010-03-14 09:46 . 2009-12-03 06:09 44080 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2010-03-14 09:42 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100310.001\IDSvix86.sys
2010-03-14 09:42 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100310.001\IDSXpx86.sys
2010-03-14 09:42 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100310.001\Scxpx86.dll
2010-03-14 09:42 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100310.001\IDSxpx86.dll
2010-03-14 09:42 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100310.001\IDSviA64.sys
2010-03-14 09:29 . 2010-03-14 09:36 -------- d-----w- c:\users\Junior\AppData\Local\Tific
2010-03-14 09:28 . 2010-03-14 09:28 -------- d-----w- c:\users\Junior\AppData\Roaming\Tific
2010-03-14 09:28 . 2010-03-14 09:28 -------- d-----w- c:\users\Junior\AppData\Local\Symantec
2010-03-14 09:28 . 2009-12-10 03:16 784752 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
2010-03-14 09:28 . 2010-03-14 09:28 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-03-14 09:28 . 2010-03-14 09:43 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-03-14 09:28 . 2010-03-14 09:28 -------- d-----w- c:\program files\Symantec
2010-03-14 09:27 . 2010-03-21 11:40 968560 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\OCS\hsplayer.dll
2010-03-14 09:27 . 2009-08-30 00:16 164216 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
2010-03-14 09:27 . 2010-03-14 15:07 -------- d-----w- c:\windows\system32\drivers\NIS
2010-03-14 09:27 . 2010-03-14 09:27 -------- d-----w- c:\program files\Norton Internet Security
2010-03-14 09:27 . 2010-03-14 09:27 -------- d-----w- c:\program files\NortonInstaller
2010-03-14 08:48 . 2010-03-14 10:56 -------- d-----w- c:\programdata\Norton
2010-03-14 08:48 . 2010-03-14 09:46 -------- d-----w- c:\programdata\NortonInstaller
2010-03-13 19:07 . 2010-03-13 19:08 -------- d-----w- c:\program files\QuickTime
2010-03-13 19:07 . 2010-03-13 19:07 -------- d-----w- c:\programdata\Apple Computer
2010-03-13 19:02 . 2010-03-13 19:02 -------- d-----w- c:\program files\Common Files\Apple
2010-03-13 19:02 . 2010-03-13 19:02 -------- d-----w- c:\users\Junior\AppData\Local\Apple
2010-03-13 19:02 . 2010-03-13 19:02 -------- d-----w- c:\program files\Apple Software Update
2010-03-13 19:02 . 2010-03-13 19:02 -------- d-----w- c:\programdata\Apple
2010-03-13 14:13 . 2009-11-20 18:18 4990056 ----a-w- c:\windows\system32\NVStWiz.exe
2010-03-13 13:46 . 2015-07-25 02:24 -------- d---a-w- C:\Guru3D.com
2010-03-13 12:16 . 2007-06-29 13:47 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2010-03-13 12:16 . 2010-03-15 13:35 -------- d-----w- c:\program files\AMD
2010-03-13 11:55 . 2010-03-13 11:55 -------- d-----w- c:\users\Junior\AppData\Local\Mozilla
2010-03-13 10:23 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-13 08:49 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-03-13 08:49 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-03-13 08:49 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-03-13 08:49 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-03-13 08:49 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-03-13 08:49 . 2010-03-20 10:32 -------- d-----w- c:\program files\Trojan Remover
2010-03-13 08:49 . 2010-03-13 08:49 -------- d-----w- c:\users\Junior\AppData\Roaming\Simply Super Software
2010-03-11 15:01 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-11 15:01 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-03-11 15:01 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-10 20:58 . 2010-03-10 20:58 -------- d-sh--w- c:\windows\system32\%APPDATA%
2010-03-10 14:20 . 2010-03-10 14:20 -------- d-----w- c:\program files\Sophos
2010-02-28 09:29 . 2010-02-28 09:30 798771 ----a-w- c:\programdata\LangSoft\WebIE.dll
2010-02-28 09:29 . 2010-02-28 09:30 299008 ----a-w- c:\programdata\LangSoft\TrnWord.dll
2010-02-28 09:29 . 2010-02-28 09:30 356352 ----a-w- c:\programdata\LangSoft\TrnOutl.dll
2010-02-28 09:28 . 2010-02-28 09:32 -------- d-----w- C:\TRANSLAT
2010-02-28 09:28 . 2010-02-28 09:30 -------- d-----w- c:\programdata\LangSoft
2010-02-28 09:28 . 2010-02-28 09:30 -------- d-----w- c:\users\Junior\AppData\Roaming\LangSoft
2010-02-26 19:52 . 2010-02-26 19:52 -------- d-----w- c:\users\Junior\AppData\Local\Microsoft Corporation
2010-02-24 17:32 . 2010-02-24 17:31 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-02-24 17:31 . 2010-03-10 15:08 -------- d-----w- c:\program files\COMODO
2010-02-24 07:50 . 2010-02-25 10:28 -------- d-----w- c:\users\Junior\Tracing

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-21 11:44 . 2008-09-25 19:31 -------- d-----w- c:\programdata\NVIDIA
2010-03-21 11:42 . 2008-09-27 05:44 12 ----a-w- c:\windows\bthservsdp.dat
2010-03-21 11:18 . 2010-02-17 09:49 -------- d-----w- c:\program files\Steam
2010-03-21 11:17 . 2010-03-18 12:35 52718 ----a-w- c:\programdata\nvModes.dat
2010-03-21 11:05 . 2009-06-15 16:13 -------- d-----w- c:\users\Junior\AppData\Roaming\BitTorrent
2010-03-21 11:02 . 2009-11-22 15:14 -------- d-----w- c:\program files\Speccy
2010-03-21 10:57 . 2009-06-15 16:13 -------- d-----w- c:\users\Junior\AppData\Roaming\DNA
2010-03-21 08:07 . 2009-06-15 16:13 -------- d-----w- c:\program files\DNA
2010-03-20 17:21 . 2008-11-30 15:18 -------- d-----w- c:\users\Junior\AppData\Roaming\Skype
2010-03-20 17:20 . 2008-11-30 15:18 -------- d-----w- c:\users\Junior\AppData\Roaming\skypePM
2010-03-20 17:02 . 2010-02-19 07:55 -------- d-----w- c:\program files\IObit
2010-03-20 07:03 . 2009-08-28 10:30 -------- d-----w- c:\program files\AGEIA Technologies
2010-03-20 07:03 . 2009-12-10 17:17 -------- d-----w- c:\program files\NVIDIA Corporation
2010-03-20 07:03 . 2009-04-19 11:04 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-19 18:35 . 2008-09-26 17:46 -------- d-----w- c:\users\Junior\AppData\Roaming\ICQ
2010-03-18 19:10 . 2008-09-25 19:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-18 11:56 . 2010-02-19 09:10 -------- d-----w- c:\users\Junior\AppData\Roaming\IObit
2010-03-15 17:17 . 2007-01-08 21:09 656846 ----a-w- c:\windows\system32\perfh005.dat
2010-03-15 17:17 . 2007-01-08 21:09 143478 ----a-w- c:\windows\system32\perfc005.dat
2010-03-14 14:09 . 2009-11-19 14:23 -------- d-----w- c:\program files\Common Files\Steam
2010-03-14 09:28 . 2010-03-14 09:28 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-03-14 09:28 . 2010-03-14 09:28 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-03-14 08:44 . 2009-07-30 12:06 -------- d-----w- c:\programdata\Kaspersky Lab
2010-03-14 08:44 . 2009-07-30 11:59 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-03-13 16:08 . 2009-11-28 06:30 7916 ----a-w- c:\users\Junior\AppData\Local\d3d9caps.dat
2010-03-13 11:35 . 2010-02-18 12:08 -------- d-----w- c:\program files\Opera 10.50 Beta
2010-03-13 11:31 . 2010-01-29 07:06 -------- d-----w- c:\program files\Common Files\Real
2010-03-13 08:11 . 2009-11-21 18:43 -------- d-----w- c:\program files\CCleaner
2010-03-11 17:26 . 2010-01-18 17:15 -------- d-----w- c:\program files\ICQ7.0
2010-03-11 16:12 . 2010-01-10 10:29 -------- d-----w- c:\program files\7-Zip
2010-03-11 16:02 . 2009-11-30 20:51 -------- d-----r- c:\program files\Skype
2010-03-11 16:02 . 2008-11-30 10:23 -------- d-----w- c:\programdata\Skype
2010-03-11 15:59 . 2009-05-24 07:21 -------- d-----w- c:\program files\mIRC
2010-03-11 15:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-11 15:10 . 2008-09-26 13:07 -------- d-----w- c:\programdata\Microsoft Help
2010-02-25 16:59 . 2008-12-16 13:50 -------- d-----w- c:\program files\Opera
2010-02-24 07:38 . 2010-02-24 07:38 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-24 07:31 . 2008-09-26 14:12 131952 ----a-w- c:\users\Junior\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-23 18:34 . 2009-05-10 12:18 -------- d-----w- c:\users\Junior\AppData\Roaming\mIRC
2010-02-23 11:05 . 2009-02-16 12:25 -------- d-----w- c:\users\Junior\AppData\Roaming\Ventrilo
2010-02-21 11:35 . 2009-08-28 10:30 -------- d-----w- c:\program files\Electronic Arts
2010-02-21 11:03 . 2009-08-06 16:27 -------- d-----w- c:\program files\Trillian
2010-02-20 11:03 . 2009-08-28 09:57 -------- d-----w- c:\program files\EA GAMES
2010-02-20 10:33 . 2008-10-12 07:21 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-20 10:30 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-02-20 10:30 . 2010-02-20 10:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-02-20 10:29 . 2010-02-20 10:29 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-02-20 10:09 . 2008-09-26 13:11 -------- d-----w- c:\program files\Microsoft Works
2010-02-19 11:00 . 2010-02-19 11:00 -------- d-----w- c:\programdata\Solidshield
2010-02-19 10:23 . 2010-02-06 09:13 -------- d-----w- c:\program files\AV Vcs 4.0 DIAMOND
2010-02-19 10:23 . 2010-02-03 15:03 -------- d-----w- c:\program files\AV Vcs 4.0
2010-02-19 10:23 . 2010-01-02 10:22 -------- d-----w- c:\users\Junior\AppData\Roaming\TeamViewer
2010-02-19 10:23 . 2009-11-30 19:56 -------- d-----w- c:\users\Junior\AppData\Roaming\HLSW
2010-02-19 10:23 . 2009-11-16 15:25 -------- d-----w- c:\users\Junior\AppData\Roaming\jabbim
2010-02-19 10:23 . 2009-05-24 08:38 -------- d-----w- c:\programdata\FLEXnet
2010-02-19 10:23 . 2008-11-20 16:37 -------- d-----w- c:\program files\Teamspeak2_RC2
2010-02-16 17:50 . 2010-02-16 17:50 -------- d-----w- c:\users\Junior\AppData\Roaming\DivX
2010-02-16 17:48 . 2010-02-16 17:48 -------- d-----w- c:\program files\DivX
2010-02-16 17:48 . 2010-02-16 17:48 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2010-02-16 17:48 . 2010-02-16 17:48 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-16 15:48 . 2010-02-16 15:46 -------- d-----w- c:\users\Junior\AppData\Roaming\TS3Client
2010-02-14 12:15 . 2010-02-14 12:05 -------- d-----w- c:\program files\X-ray Anti-Cheat
2010-02-12 19:40 . 2009-07-26 16:17 -------- d-----w- c:\program files\Activision
2010-02-12 13:27 . 2010-02-12 13:27 62976 ----a-w- c:\windows\DTDraw.dll
2010-02-12 13:27 . 2010-02-12 13:27 -------- d-----w- c:\users\Junior\AppData\Roaming\DeskSoft
2010-02-12 10:54 . 2010-02-12 10:54 -------- d-----w- c:\program files\innoheim
2010-02-12 10:53 . 2010-02-12 10:53 -------- d-----w- c:\users\Junior\AppData\Roaming\InstallShield
2010-02-11 17:45 . 2010-02-11 17:45 676912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHDrvx64.sys
2010-02-11 17:45 . 2010-02-11 17:45 611216 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\bbRGen.dll
2010-02-11 17:45 . 2010-02-11 17:45 536112 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHDrvx86.sys
2010-02-11 17:45 . 2010-02-11 17:45 201616 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHRules.dll
2010-02-11 17:45 . 2010-02-11 17:45 1406352 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHEngine.dll
2010-02-09 15:05 . 2008-09-26 13:18 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-09 14:50 . 2010-02-09 14:50 -------- d-----w- c:\program files\Adobe Media Player
2010-02-09 14:49 . 2010-02-09 14:49 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-02-07 11:35 . 2010-02-07 11:35 -------- d-----w- c:\users\Junior\AppData\Roaming\Screaming Bee
2010-02-07 11:35 . 2010-02-07 11:34 -------- d-----w- c:\programdata\Screaming Bee
2010-02-07 09:38 . 2010-02-07 09:36 -------- d-----w- c:\program files\Personal Voice Changer Driver
2010-02-06 11:29 . 2010-02-06 11:29 -------- d-----w- c:\programdata\boost_interprocess
2010-02-06 09:05 . 2010-02-06 08:52 -------- d-----w- c:\program files\AV Vcs 7.0 DIAMOND
2010-02-06 08:53 . 2010-02-06 08:53 -------- d-----w- c:\users\Junior\AppData\Roaming\Avnex
2010-02-05 20:03 . 2010-02-05 20:03 -------- d-----w- c:\program files\PowerISO
2010-02-05 13:08 . 2010-02-05 13:08 737280 ----a-w- c:\windows\iun6002.exe
2010-02-04 09:01 . 2010-02-14 12:06 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-02-14 12:06 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-02-14 12:06 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-02-14 12:06 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-01-24 10:50 . 2010-01-24 10:50 -------- d-----w- c:\users\Junior\AppData\Roaming\Malwarebytes
2010-01-24 10:50 . 2010-01-24 10:50 -------- d-----w- c:\programdata\Malwarebytes
2010-01-22 10:46 . 2010-01-22 10:46 -------- d-----w- c:\programdata\0150
2010-01-12 11:03 . 2010-01-12 11:03 9388648 ----a-w- c:\windows\system32\nvd3dum.dll
2010-01-12 11:03 . 2010-01-12 11:03 68200 ----a-w- c:\windows\system32\OpenCL.dll
2010-01-12 11:03 . 2010-01-12 11:03 4321384 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-01-12 11:03 . 2010-01-12 11:03 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-01-12 11:03 . 2010-01-12 11:03 4061800 ----a-w- c:\windows\system32\nvcuda.dll
2010-01-12 11:03 . 2010-01-12 11:03 2243176 ----a-w- c:\windows\system32\nvcuvid.dll
2010-01-12 11:03 . 2010-01-12 11:03 182888 ----a-w- c:\windows\system32\nvcod189.dll
2010-01-12 11:03 . 2010-01-12 11:03 182888 ----a-w- c:\windows\system32\nvcod.dll
2010-01-12 11:03 . 2010-01-12 11:03 14924392 ----a-w- c:\windows\system32\nvoglv32.dll
2010-01-12 11:03 . 2010-01-12 11:03 1280616 ----a-w- c:\windows\system32\nvapi.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2010-03-14 1217872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-01-07 429392]
"TrojanScanner"="c:\program files\Trojan Remover\Trjscan.exe" [2010-03-13 1070984]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RAM Idle Professional

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2006-10-30 12:44 36864 ------r- c:\windows\JM\JMInsIDE.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"BitTorrent DNA"="c:\program files\DNA\btdna.exe"
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\be413448-e838-4793-8ed3-c472553b967b.exe
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):18,92,8e,ae,2f,87,ca,01

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-09-25 717296]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\2C1E.tmp [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2009-04-28 2806062]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
R3 TVICHW32;TVICHW32;c:\windows\system32\DRIVERS\TVICHW32.SYS [2010-03-15 23600]
R3 wrssweep;Webroots Volume Access Driver;c:\program files\Webroot\Washer\wrssweep.sys [x]
S0 nvamacpi;Nvidia Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2008-07-22 24608]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1105000.07F\SYMDS.SYS [2009-08-30 328752]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1105000.07F\SYMEFA.SYS [2009-11-26 172592]
S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHDrvx86.sys [2010-02-11 536112]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1105000.07F\ccHPx86.sys [2009-12-09 501888]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSvix86.sys [2009-10-28 343088]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-02-17 66632]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1105000.07F\Ironx86.SYS [2009-11-26 116272]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1105000.07F\SYMTDIV.SYS [2009-11-22 340016]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-01-07 236368]
S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [2009-12-09 126392]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-01-11 240232]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S2 XobniService;XobniService;c:\program files\Xobni\XobniService.exe [2010-01-28 50176]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-03-14 102448]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-01-07 19160]
S3 tenCapture;tenCapture;c:\windows\system32\DRIVERS\tenCapture.sys [2007-04-21 9344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-03-21 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-02-19 13:11]

2010-03-18 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-02-19 12:38]

2010-03-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-273610277-679555191-1394931262-1001Core.job
- c:\users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-13 15:33]

2010-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-273610277-679555191-1394931262-1001UA.job
- c:\users\Junior\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-13 15:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Junior\AppData\Roaming\Mozilla\Firefox\Profiles\ao5f8mzx.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\users\Junior\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

[Rudy]

Log sice není kompletní, nicméně je patrné, že CF 5 položek smazal a ve fragmentu logu nic nebezpečného již nevidím.