
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Computer freezes after 5 minutes of operation
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
Remote assistance services are now available: a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Moteex
- Visitor
- Posts: 12
- Registered: 30 Oct 2006 00:04
- Location: Kladky
Computer freezes after 5 minutes of operation
Once the computer freezes, running programs cannot be closed, nor can the computer be shut down or restarted.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2010-03-28 20:17:13
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (24%) free of 114 GB
Total RAM: 2046 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:26, on 28.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Petr\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 8003 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-573735546-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-573735546-839522115-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2010-01-08 1109504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-19 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-28 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-04-15 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-12-18 307200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe [2005-11-11 1236992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\INPROCOMMWireless]
C:\Program Files\Atheros\Wireless\Utility\WlanUtil.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2010-02-19 149280]
C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Documents and Settings\Petr\Local Settings\Temp\Rar$EX00.875\utorrent.exe"="C:\Documents and Settings\Petr\Local Settings\Temp\Rar$EX00.875\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Petr\Plocha\uTorrent\utorrent.exe"="C:\Documents and Settings\Petr\Plocha\uTorrent\utorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-03-28 20:17:13 ----D---- C:\rsit
2010-03-28 20:17:13 ----D---- C:\Program Files\trend micro
2010-03-28 12:21:02 ----D---- C:\Documents and Settings\Petr\Data aplikací\Mathsoft
2010-03-28 12:18:49 ----D---- C:\Program Files\Mathsoft
2010-03-28 12:18:25 ----A---- C:\WINDOWS\SilentScriptLog.txt
2010-03-28 12:16:19 ----D---- C:\WINDOWS\system32\URTTEMP
2010-03-21 19:55:03 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2010-03-21 19:28:24 ----D---- C:\Program Files\IK Multimedia
2010-03-21 19:27:22 ----D---- C:\Documents and Settings\Petr\Data aplikací\MusicLab
2010-03-19 18:06:49 ----A---- C:\WINDOWS\iun6002.exe
2010-03-19 18:06:42 ----D---- C:\Program Files\Codec Pack - All In 1
2010-03-19 18:05:11 ----A---- C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt
2010-03-16 21:12:34 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{B386D963-5B25-453D-944B-BCE9993F76FA}
2010-03-16 20:54:20 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{2E36EF44-3E35-4623-B1DD-517C334DF1C5}
2010-03-14 12:40:07 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-13 00:55:02 ----D---- C:\Documents and Settings\Petr\Data aplikací\dvdcss
2010-03-13 00:49:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2010-03-13 00:49:46 ----D---- C:\Program Files\McAfee Security Scan
2010-03-12 11:03:47 ----A---- C:\WINDOWS\system32\NI_IRC_1_2.dll
2010-03-12 11:03:47 ----A---- C:\WINDOWS\system32\NI_DFD_1_5.dll
2010-03-12 11:03:47 ----A---- C:\WINDOWS\system32\bconvert.dll
2010-03-12 10:34:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-03-10 00:23:41 ----D---- C:\Documents and Settings\Petr\Data aplikací\InstallShield
2010-03-10 00:23:07 ----D---- C:\Program Files\Valentin EnergieSoftware
2010-03-10 00:23:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Valentin EnergieSoftware
2010-03-10 00:20:08 ----D---- C:\Program Files\Common Files\Nemetschek
2010-03-10 00:19:45 ----A---- C:\WINDOWS\system32\msxml3a.dll
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\mfc71u.dll
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\MFC71FRA.DLL
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2010-03-10 00:19:44 ----A---- C:\WINDOWS\system32\FLXGDDE.DLL
2010-03-10 00:19:43 ----A---- C:\WINDOWS\system32\P2smon.dll
2010-03-10 00:19:43 ----A---- C:\WINDOWS\system32\implode.dll
2010-03-10 00:19:43 ----A---- C:\WINDOWS\system32\crpe32.dll
2010-03-10 00:19:43 ----A---- C:\WINDOWS\system32\crpaig32.dll
2010-03-10 00:19:43 ----A---- C:\WINDOWS\system32\cr2c70de.dll
2010-03-10 00:19:42 ----D---- C:\WINDOWS\Crystal
2010-03-10 00:19:41 ----A---- C:\WINDOWS\system32\cpeaut32.dll
2010-03-10 00:19:10 ----D---- C:\Data
2010-03-10 00:19:08 ----D---- C:\Program Files\Nemetschek
2010-03-09 01:42:44 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{D69A48BF-7653-4AA8-94BC-5847522A4573}
2010-03-09 01:41:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Native Instruments
2010-03-09 01:41:15 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{0CC51CB2-911C-40BB-BC1B-BD3CAC590222}
2010-03-09 01:40:42 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{EC98E512-708C-4C3B-9F07-B58768C1DD8A}
2010-03-09 01:40:33 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
2010-03-09 01:40:28 ----D---- C:\Program Files\Common Files\Native Instruments
2010-03-08 03:47:25 ----D---- C:\Documents and Settings\Petr\Data aplikací\Facebook
2010-03-04 21:10:28 ----D---- C:\Documents and Settings\Petr\Data aplikací\Apple Computer
======List of files/folders modified in the last 1 months======
2010-03-28 20:17:18 ----D---- C:\WINDOWS\Prefetch
2010-03-28 20:17:13 ----RD---- C:\Program Files
2010-03-28 20:15:13 ----D---- C:\WINDOWS
2010-03-28 20:14:53 ----D---- C:\WINDOWS\Temp
2010-03-28 20:13:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-28 12:19:49 ----SHD---- C:\WINDOWS\Installer
2010-03-28 12:17:06 ----D---- C:\WINDOWS\Registration
2010-03-28 12:16:46 ----RSD---- C:\WINDOWS\assembly
2010-03-28 12:16:43 ----D---- C:\WINDOWS\system32
2010-03-28 12:16:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-21 19:47:14 ----D---- C:\Program Files\MusicLab
2010-03-21 19:28:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-21 14:21:08 ----D---- C:\Documents and Settings\Petr\Data aplikací\vlc
2010-03-21 14:20:38 ----D---- C:\WINDOWS\system32\drivers
2010-03-21 14:18:52 ----HD---- C:\WINDOWS\inf
2010-03-21 14:18:51 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-21 14:17:25 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-03-19 18:29:18 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-19 13:06:53 ----D---- C:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-03-19 00:07:54 ----SD---- C:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-03-17 00:59:36 ----D---- C:\WINDOWS\system32\Restore
2010-03-16 21:07:41 ----D---- C:\Program Files\Native Instruments
2010-03-13 00:10:48 ----D---- C:\joy music
2010-03-12 10:34:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-12 10:34:25 ----D---- C:\Program Files\Movie Maker
2010-03-12 10:34:01 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-12 10:33:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-03-12 10:31:03 ----D---- C:\WINDOWS\Debug
2010-03-11 23:49:03 ----D---- C:\DC Strong
2010-03-11 17:28:41 ----D---- C:\Program Files\Common Files\Adobe
2010-03-10 00:20:08 ----D---- C:\Program Files\Common Files
2010-03-10 00:19:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-09 01:40:57 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-09 01:31:10 ----D---- C:\Documents and Settings\Petr\Data aplikací\Steinberg
2010-03-09 01:28:04 ----D---- C:\Program Files\Syncrosoft
2010-03-07 12:01:28 ----D---- C:\song
2010-03-03 21:36:27 ----D---- C:\WINDOWS\Help
2010-03-02 07:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-25 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-25 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-25 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ajq0i730;ajq0i730; C:\WINDOWS\system32\drivers\ajq0i730.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-01-25 488448]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 kvnet;Kerio Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\kvnet.sys [2009-03-23 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer; C:\WINDOWS\system32\DRIVERS\kwflower.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [2006-06-09 6909]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 YMIDUSB;YAMAHA Corporation USB MIDI Driver; C:\WINDOWS\System32\Drivers\ymidusb.sys [2004-11-19 13184]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-19 153376]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-07-17 3576320]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-11-11 18944]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-02-10 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Last edited by Moteex on 28 Mar 2010 19:47, edited 1 time in total.
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user:
Re: computer freezes after 5 minutes of use


C:\Documents and Settings\Petr\Plocha\uTorrent\utorrent.exe
P2P networks and their clients are a potential security risk; they are a practically constant source of viruses, and you are exposing yourself to risk needlessly.

- Disable all resident security programs: firewalls, antivirus, antispyware
- Run the application under an account with Administrator ("Správce") privileges; immediately after start, a page with the licence terms is displayed, continue by pressing the "Yes" ("Ano") button
- Then follow the instructions; during the scan, do not run other applications and do not click in the window that appears
- The scan should take around 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
- The computer may be restarted during the scan.
- Moteex
- Visitor
- Posts: 12
- Registered: 30 Oct 2006 00:04
- Location: Kladky
- Contact user:
Re: computer freezes after 5 minutes of use
ComboFix 10-03-28.01 - Petr 28.03.2010 21:40:06.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1543 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petr\Dokumenty\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100328-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\windows\OPTIONS\CABS\_desktop.ini
c:\windows\system32\msvcsv60.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-28 do 2010-03-28 )))))))))))))))))))))))))))))))
.
2010-03-28 18:17 . 2010-03-28 18:17 -------- d-----w- C:\rsit
2010-03-28 18:17 . 2010-03-28 18:17 -------- d-----w- c:\program files\trend micro
2010-03-28 10:18 . 2010-03-28 10:18 -------- d-----w- c:\program files\Mathsoft
2010-03-28 10:16 . 2010-03-28 10:16 -------- d-----w- c:\windows\system32\URTTEMP
2010-03-21 17:55 . 2010-03-21 18:04 16 ----a-w- c:\windows\msocreg32.dat
2010-03-21 17:28 . 2010-03-21 17:28 -------- d-----w- c:\program files\IK Multimedia
2010-03-19 16:06 . 2010-03-19 16:05 737280 ----a-w- c:\windows\iun6002.exe
2010-03-19 16:06 . 2010-03-19 16:06 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-14 11:54 . 2010-03-14 11:54 -------- d-----w- c:\documents and settings\Petr\Data aplikacĂ
2010-03-14 10:40 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-12 22:49 . 2010-03-12 23:44 -------- d-----w- c:\program files\McAfee Security Scan
2010-03-12 09:03 . 2006-09-03 13:36 61440 ----a-w- c:\windows\system32\NI_DFD_1_5.dll
2010-03-12 09:03 . 2006-09-03 13:36 393216 ----a-w- c:\windows\system32\NI_IRC_1_2.dll
2010-03-12 09:03 . 2006-09-03 13:36 1870336 ----a-w- c:\windows\system32\bconvert.dll
2010-03-11 19:16 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-09 22:23 . 2010-03-11 22:05 -------- d-----w- c:\program files\Valentin EnergieSoftware
2010-03-09 22:20 . 2010-03-09 22:22 -------- d-----w- c:\program files\Common Files\Nemetschek
2010-03-08 23:40 . 2010-03-16 19:07 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-03-07 10:34 . 2004-11-19 14:01 13184 ----a-r- c:\windows\system32\drivers\ymidusb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-28 20:00 . 2010-02-10 17:53 -------- d-----w- c:\program files\pdfforge Toolbar
2010-03-28 10:16 . 2006-03-02 12:00 82840 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 10:16 . 2006-03-02 12:00 437574 ----a-w- c:\windows\system32\perfh005.dat
2010-03-21 17:47 . 2010-02-16 18:13 -------- d-----w- c:\program files\MusicLab
2010-03-21 17:28 . 2010-02-08 23:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-16 19:07 . 2010-02-16 19:15 -------- d-----w- c:\program files\Native Instruments
2010-03-11 15:28 . 2010-02-09 06:55 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-09 22:19 . 2010-03-09 22:19 -------- d-----w- c:\program files\Nemetschek
2010-03-08 23:28 . 2010-02-16 17:56 -------- d-----w- c:\program files\Syncrosoft
2010-02-25 22:20 . 2010-02-25 22:20 -------- d-----w- c:\program files\Windows Media Components
2010-02-25 21:42 . 2010-02-25 21:42 -------- d-----w- c:\program files\MID Converter
2010-02-24 18:39 . 2010-02-24 13:57 -------- d-----w- c:\program files\Polda 2
2010-02-21 19:15 . 2010-02-21 19:15 -------- d-----w- c:\program files\Common Files\Nero
2010-02-21 19:14 . 2010-02-21 19:14 -------- d-----w- c:\program files\Ahead
2010-02-21 19:14 . 2010-02-21 19:14 -------- d-----w- c:\program files\Common Files\Ahead
2010-02-20 21:11 . 2010-02-20 21:11 -------- d-----w- c:\program files\Rigips
2010-02-20 21:02 . 2010-02-20 21:02 -------- d-----w- c:\program files\Participatory Culture Foundation
2010-02-20 20:31 . 2010-02-20 20:31 -------- d-----w- c:\program files\Common Files\Fine Shared
2010-02-20 20:31 . 2010-02-20 20:31 -------- d-----w- c:\program files\Fine
2010-02-19 12:37 . 2010-02-19 12:37 -------- d-----w- c:\program files\Common Files\Graphisoft Shared
2010-02-19 12:33 . 2010-02-19 09:54 -------- d-----w- c:\program files\Graphisoft
2010-02-19 10:08 . 2010-02-19 10:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-19 10:08 . 2010-02-19 09:53 -------- d-----w- c:\program files\Java
2010-02-19 09:58 . 2010-02-19 09:58 -------- d-----w- c:\program files\WIBU-SYSTEMS
2010-02-19 09:58 . 2010-02-19 09:57 -------- d-----w- c:\program files\QuickTime
2010-02-19 09:57 . 2010-02-19 09:57 -------- d-----w- c:\program files\Apple Software Update
2010-02-19 09:53 . 2010-02-19 09:53 -------- d-----w- c:\program files\Common Files\Java
2010-02-18 19:12 . 2010-02-18 19:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-18 19:12 . 2010-02-18 19:12 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-17 23:56 . 2010-02-17 23:56 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2010-02-17 23:54 . 2010-02-17 23:54 -------- d-----w- c:\program files\SCIA
2010-02-16 19:16 . 2010-02-16 19:16 -------- d-----w- c:\program files\Waves
2010-02-16 19:16 . 2010-02-16 19:16 -------- d-----w- c:\program files\Common Files\Digidesign
2010-02-16 18:29 . 2010-02-16 18:29 -------- d-----w- c:\program files\EDIROL
2010-02-16 17:59 . 2010-02-09 21:02 -------- d-----w- c:\program files\Steinberg
2010-02-16 16:56 . 2010-02-16 16:56 -------- d-----w- c:\program files\Lavalys
2010-02-15 12:26 . 2010-02-12 10:20 -------- d-----w- c:\program files\Microsoft Works
2010-02-13 15:12 . 2010-02-13 15:12 -------- d-----w- c:\program files\Miranda IM
2010-02-12 22:39 . 2010-02-12 22:38 -------- d-----w- c:\program files\vanBasco's Karaoke Player
2010-02-12 10:26 . 2010-02-12 10:26 -------- d-----w- c:\program files\MSECache
2010-02-12 10:19 . 2010-02-12 10:19 -------- d-----w- c:\program files\Microsoft.NET
2010-02-10 17:59 . 2010-02-10 17:59 -------- d-----w- c:\program files\PSPad editor
2010-02-10 17:53 . 2010-02-10 17:52 -------- d-----w- c:\program files\PDFCreator
2010-02-10 17:53 . 2010-02-10 17:53 -------- d-----w- c:\program files\Application Updater
2010-02-10 17:40 . 2010-02-10 08:15 -------- d-----w- c:\program files\AutoCAD 2009
2010-02-10 08:18 . 2010-02-10 08:15 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-09 23:21 . 2010-02-09 23:21 -------- d-----w- c:\program files\MSXML 4.0
2010-02-09 21:04 . 2010-02-09 21:04 -------- d-----w- c:\program files\VOB
2010-02-09 20:56 . 2010-02-09 20:56 -------- d-----w- c:\program files\MediaMonkey
2010-02-09 20:56 . 2010-02-09 20:56 -------- d-----w- c:\program files\Media Tagger
2010-02-09 20:51 . 2010-02-09 20:51 -------- d-----w- c:\program files\GIMP-2.0
2010-02-09 20:33 . 2010-02-09 20:33 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-02-09 20:33 . 2010-02-09 20:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-09 20:33 . 2010-02-09 20:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-09 20:26 . 2010-02-09 20:26 -------- d-----w- c:\program files\Common Files\GTK
2010-02-09 20:07 . 2010-02-09 20:07 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-09 19:50 . 2010-02-09 19:50 -------- d-----w- c:\program files\Sunbelt Software
2010-02-09 19:49 . 2010-02-09 00:14 20745 ----a-w- c:\windows\system32\drivers\kwflower.log
2010-02-09 17:10 . 2010-02-09 00:15 16541 ----a-w- c:\windows\system32\drivers\kwfupper.log
2010-02-09 08:31 . 2010-02-08 23:33 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-09 08:31 . 2010-02-08 23:33 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-09 01:47 . 2010-02-09 00:55 -------- d-----w- c:\program files\Nokia
2010-02-09 01:43 . 2010-02-09 01:43 -------- d-----w- c:\program files\MSBuild
2010-02-09 01:39 . 2010-02-09 01:39 -------- d-----w- c:\program files\Reference Assemblies
2010-02-09 01:04 . 2010-02-09 01:04 -------- d-----w- c:\program files\MSXML 6.0
2010-02-09 00:59 . 2010-02-09 00:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-02-09 00:59 . 2010-02-09 00:59 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-02-09 00:56 . 2010-02-08 23:41 -------- d-----w- c:\program files\DIFX
2010-02-09 00:56 . 2010-02-09 00:56 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-09 00:56 . 2010-02-09 00:56 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-09 00:56 . 2010-02-09 00:55 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-09 00:35 . 2010-02-09 00:23 -------- d-----w- c:\program files\Google
2010-02-09 00:32 . 2010-02-09 00:32 -------- d-----w- c:\program files\Alwil Software
2010-02-09 00:26 . 2010-02-09 00:26 -------- d-----w- c:\program files\CCleaner
2010-02-09 00:16 . 2010-02-09 00:16 -------- d-----w- c:\program files\VideoLAN
2010-02-09 00:14 . 2010-02-09 00:14 -------- d-----w- c:\program files\Kerio
2010-02-09 00:11 . 2010-02-09 00:11 0 ----a-w- c:\windows\nsreg.dat
2010-02-09 00:02 . 2010-02-09 00:02 -------- d-----w- c:\program files\Atheros
2010-02-09 00:01 . 2010-02-09 00:01 -------- d-----w- c:\program files\Broadcom
2010-02-09 00:00 . 2010-02-08 23:33 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-08 23:54 . 2010-02-08 23:54 -------- d-----w- c:\program files\Synaptics
2010-02-08 23:53 . 2010-02-08 23:53 -------- d-----w- c:\program files\CONEXANT
2010-02-08 23:50 . 2010-02-08 23:50 -------- d-----w- c:\program files\Realtek
2010-02-08 23:47 . 2010-02-08 23:47 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-02-08 23:46 . 2010-02-08 23:42 -------- d-----w- c:\program files\ATI Technologies
2010-02-08 23:45 . 2010-02-08 23:42 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-08 23:34 . 2010-02-08 23:34 -------- d-----w- c:\program files\microsoft frontpage
2010-02-08 23:30 . 2010-02-08 23:30 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 22:42 . 2010-01-08 22:42 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-12-31 16:50 . 2006-03-02 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 02:17 700416 ----a-w- c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2010-01-08 700416]
[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-09 135664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-15 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 307200]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Petr\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=xgusb.cpl
"midi2"=xgusb.cpl
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2005-11-11 12:40 1236992 ----a-r- c:\windows\system32\WLTRAY.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-09 00:17 135664 ----atw- c:\documents and settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 14:57 282624 ----a-w- c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2010-01-08 00:36 974848 ----a-w- c:\program files\pdfforge Toolbar\SearchSettings.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-19 10:08 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Petr\\Plocha\\uTorrent\\utorrent.exe"=
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [9.2.2010 23:04 11264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9.2.2010 2:33 114768]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [9.2.2010 21:50 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 5:54 66600]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 1:51 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.2.2010 2:33 20560]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [17.7.2009 15:32 3576320]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 8:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 8:24 1365288]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [16.2.2010 19:56 33792]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [9.2.2010 21:50 65576]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.2.2010 22:33 691696]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9.2.2010 2:24 135664]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\drivers\kvnet.sys [23.3.2009 11:25 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\windows\system32\DRIVERS\kwflower.sys --> c:\windows\system32\DRIVERS\kwflower.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [9.2.2010 2:55 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [9.2.2010 2:55 8320]
.
Obsah adresáře 'Naplánované úlohy'
2010-03-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 13:21]
2010-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 00:24]
2010-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 00:24]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\xdy4rr8q.default\
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-INPROCOMMWireless - c:\program files\Atheros\Wireless\Utility\WlanUtil.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-28 22:00
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Celkový čas: 2010-03-28 22:06:27
ComboFix-quarantined-files.txt 2010-03-28 20:06
Před spuštěním: Volných bajtů: 29 299 073 024
Po spuštění: Volných bajtů: 29 295 632 384
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - C3DE6672F3CEE019364F54A7EFBA47F4
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1543 [GMT 2:00]
Spuštěný z: c:\documents and settings\Petr\Dokumenty\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100328-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\windows\OPTIONS\CABS\_desktop.ini
c:\windows\system32\msvcsv60.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-28 do 2010-03-28 )))))))))))))))))))))))))))))))
.
2010-03-28 18:17 . 2010-03-28 18:17 -------- d-----w- C:\rsit
2010-03-28 18:17 . 2010-03-28 18:17 -------- d-----w- c:\program files\trend micro
2010-03-28 10:18 . 2010-03-28 10:18 -------- d-----w- c:\program files\Mathsoft
2010-03-28 10:16 . 2010-03-28 10:16 -------- d-----w- c:\windows\system32\URTTEMP
2010-03-21 17:55 . 2010-03-21 18:04 16 ----a-w- c:\windows\msocreg32.dat
2010-03-21 17:28 . 2010-03-21 17:28 -------- d-----w- c:\program files\IK Multimedia
2010-03-19 16:06 . 2010-03-19 16:05 737280 ----a-w- c:\windows\iun6002.exe
2010-03-19 16:06 . 2010-03-19 16:06 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-14 11:54 . 2010-03-14 11:54 -------- d-----w- c:\documents and settings\Petr\Data aplikacĂ
2010-03-14 10:40 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-12 22:49 . 2010-03-12 23:44 -------- d-----w- c:\program files\McAfee Security Scan
2010-03-12 09:03 . 2006-09-03 13:36 61440 ----a-w- c:\windows\system32\NI_DFD_1_5.dll
2010-03-12 09:03 . 2006-09-03 13:36 393216 ----a-w- c:\windows\system32\NI_IRC_1_2.dll
2010-03-12 09:03 . 2006-09-03 13:36 1870336 ----a-w- c:\windows\system32\bconvert.dll
2010-03-11 19:16 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-03-09 22:23 . 2010-03-11 22:05 -------- d-----w- c:\program files\Valentin EnergieSoftware
2010-03-09 22:20 . 2010-03-09 22:22 -------- d-----w- c:\program files\Common Files\Nemetschek
2010-03-08 23:40 . 2010-03-16 19:07 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-03-07 10:34 . 2004-11-19 14:01 13184 ----a-r- c:\windows\system32\drivers\ymidusb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-28 20:00 . 2010-02-10 17:53 -------- d-----w- c:\program files\pdfforge Toolbar
2010-03-28 10:16 . 2006-03-02 12:00 82840 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 10:16 . 2006-03-02 12:00 437574 ----a-w- c:\windows\system32\perfh005.dat
2010-03-21 17:47 . 2010-02-16 18:13 -------- d-----w- c:\program files\MusicLab
2010-03-21 17:28 . 2010-02-08 23:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-16 19:07 . 2010-02-16 19:15 -------- d-----w- c:\program files\Native Instruments
2010-03-11 15:28 . 2010-02-09 06:55 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-09 22:19 . 2010-03-09 22:19 -------- d-----w- c:\program files\Nemetschek
2010-03-08 23:28 . 2010-02-16 17:56 -------- d-----w- c:\program files\Syncrosoft
2010-02-25 22:20 . 2010-02-25 22:20 -------- d-----w- c:\program files\Windows Media Components
2010-02-25 21:42 . 2010-02-25 21:42 -------- d-----w- c:\program files\MID Converter
2010-02-24 18:39 . 2010-02-24 13:57 -------- d-----w- c:\program files\Polda 2
2010-02-21 19:15 . 2010-02-21 19:15 -------- d-----w- c:\program files\Common Files\Nero
2010-02-21 19:14 . 2010-02-21 19:14 -------- d-----w- c:\program files\Ahead
2010-02-21 19:14 . 2010-02-21 19:14 -------- d-----w- c:\program files\Common Files\Ahead
2010-02-20 21:11 . 2010-02-20 21:11 -------- d-----w- c:\program files\Rigips
2010-02-20 21:02 . 2010-02-20 21:02 -------- d-----w- c:\program files\Participatory Culture Foundation
2010-02-20 20:31 . 2010-02-20 20:31 -------- d-----w- c:\program files\Common Files\Fine Shared
2010-02-20 20:31 . 2010-02-20 20:31 -------- d-----w- c:\program files\Fine
2010-02-19 12:37 . 2010-02-19 12:37 -------- d-----w- c:\program files\Common Files\Graphisoft Shared
2010-02-19 12:33 . 2010-02-19 09:54 -------- d-----w- c:\program files\Graphisoft
2010-02-19 10:08 . 2010-02-19 10:09 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-19 10:08 . 2010-02-19 09:53 -------- d-----w- c:\program files\Java
2010-02-19 09:58 . 2010-02-19 09:58 -------- d-----w- c:\program files\WIBU-SYSTEMS
2010-02-19 09:58 . 2010-02-19 09:57 -------- d-----w- c:\program files\QuickTime
2010-02-19 09:57 . 2010-02-19 09:57 -------- d-----w- c:\program files\Apple Software Update
2010-02-19 09:53 . 2010-02-19 09:53 -------- d-----w- c:\program files\Common Files\Java
2010-02-18 19:12 . 2010-02-18 19:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-18 19:12 . 2010-02-18 19:12 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-17 23:56 . 2010-02-17 23:56 -------- d-----w- c:\program files\Common Files\SafeNet Sentinel
2010-02-17 23:54 . 2010-02-17 23:54 -------- d-----w- c:\program files\SCIA
2010-02-16 19:16 . 2010-02-16 19:16 -------- d-----w- c:\program files\Waves
2010-02-16 19:16 . 2010-02-16 19:16 -------- d-----w- c:\program files\Common Files\Digidesign
2010-02-16 18:29 . 2010-02-16 18:29 -------- d-----w- c:\program files\EDIROL
2010-02-16 17:59 . 2010-02-09 21:02 -------- d-----w- c:\program files\Steinberg
2010-02-16 16:56 . 2010-02-16 16:56 -------- d-----w- c:\program files\Lavalys
2010-02-15 12:26 . 2010-02-12 10:20 -------- d-----w- c:\program files\Microsoft Works
2010-02-13 15:12 . 2010-02-13 15:12 -------- d-----w- c:\program files\Miranda IM
2010-02-12 22:39 . 2010-02-12 22:38 -------- d-----w- c:\program files\vanBasco's Karaoke Player
2010-02-12 10:26 . 2010-02-12 10:26 -------- d-----w- c:\program files\MSECache
2010-02-12 10:19 . 2010-02-12 10:19 -------- d-----w- c:\program files\Microsoft.NET
2010-02-10 17:59 . 2010-02-10 17:59 -------- d-----w- c:\program files\PSPad editor
2010-02-10 17:53 . 2010-02-10 17:52 -------- d-----w- c:\program files\PDFCreator
2010-02-10 17:53 . 2010-02-10 17:53 -------- d-----w- c:\program files\Application Updater
2010-02-10 17:40 . 2010-02-10 08:15 -------- d-----w- c:\program files\AutoCAD 2009
2010-02-10 08:18 . 2010-02-10 08:15 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-09 23:21 . 2010-02-09 23:21 -------- d-----w- c:\program files\MSXML 4.0
2010-02-09 21:04 . 2010-02-09 21:04 -------- d-----w- c:\program files\VOB
2010-02-09 20:56 . 2010-02-09 20:56 -------- d-----w- c:\program files\MediaMonkey
2010-02-09 20:56 . 2010-02-09 20:56 -------- d-----w- c:\program files\Media Tagger
2010-02-09 20:51 . 2010-02-09 20:51 -------- d-----w- c:\program files\GIMP-2.0
2010-02-09 20:33 . 2010-02-09 20:33 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-02-09 20:33 . 2010-02-09 20:33 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-09 20:33 . 2010-02-09 20:33 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-09 20:26 . 2010-02-09 20:26 -------- d-----w- c:\program files\Common Files\GTK
2010-02-09 20:07 . 2010-02-09 20:07 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-09 19:50 . 2010-02-09 19:50 -------- d-----w- c:\program files\Sunbelt Software
2010-02-09 19:49 . 2010-02-09 00:14 20745 ----a-w- c:\windows\system32\drivers\kwflower.log
2010-02-09 17:10 . 2010-02-09 00:15 16541 ----a-w- c:\windows\system32\drivers\kwfupper.log
2010-02-09 08:31 . 2010-02-08 23:33 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-09 08:31 . 2010-02-08 23:33 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-09 01:47 . 2010-02-09 00:55 -------- d-----w- c:\program files\Nokia
2010-02-09 01:43 . 2010-02-09 01:43 -------- d-----w- c:\program files\MSBuild
2010-02-09 01:39 . 2010-02-09 01:39 -------- d-----w- c:\program files\Reference Assemblies
2010-02-09 01:04 . 2010-02-09 01:04 -------- d-----w- c:\program files\MSXML 6.0
2010-02-09 00:59 . 2010-02-09 00:59 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-02-09 00:59 . 2010-02-09 00:59 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-02-09 00:56 . 2010-02-08 23:41 -------- d-----w- c:\program files\DIFX
2010-02-09 00:56 . 2010-02-09 00:56 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-09 00:56 . 2010-02-09 00:56 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-09 00:56 . 2010-02-09 00:55 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-09 00:35 . 2010-02-09 00:23 -------- d-----w- c:\program files\Google
2010-02-09 00:32 . 2010-02-09 00:32 -------- d-----w- c:\program files\Alwil Software
2010-02-09 00:26 . 2010-02-09 00:26 -------- d-----w- c:\program files\CCleaner
2010-02-09 00:16 . 2010-02-09 00:16 -------- d-----w- c:\program files\VideoLAN
2010-02-09 00:14 . 2010-02-09 00:14 -------- d-----w- c:\program files\Kerio
2010-02-09 00:11 . 2010-02-09 00:11 0 ----a-w- c:\windows\nsreg.dat
2010-02-09 00:02 . 2010-02-09 00:02 -------- d-----w- c:\program files\Atheros
2010-02-09 00:01 . 2010-02-09 00:01 -------- d-----w- c:\program files\Broadcom
2010-02-09 00:00 . 2010-02-08 23:33 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-08 23:54 . 2010-02-08 23:54 -------- d-----w- c:\program files\Synaptics
2010-02-08 23:53 . 2010-02-08 23:53 -------- d-----w- c:\program files\CONEXANT
2010-02-08 23:50 . 2010-02-08 23:50 -------- d-----w- c:\program files\Realtek
2010-02-08 23:47 . 2010-02-08 23:47 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-02-08 23:46 . 2010-02-08 23:42 -------- d-----w- c:\program files\ATI Technologies
2010-02-08 23:45 . 2010-02-08 23:42 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-08 23:34 . 2010-02-08 23:34 -------- d-----w- c:\program files\microsoft frontpage
2010-02-08 23:30 . 2010-02-08 23:30 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 22:42 . 2010-01-08 22:42 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2009-12-31 16:50 . 2006-03-02 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 02:17 700416 ----a-w- c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2010-01-08 700416]
[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-09 135664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-15 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-12-18 307200]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Petr\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=xgusb.cpl
"midi2"=xgusb.cpl
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
2005-11-11 12:40 1236992 ----a-r- c:\windows\system32\WLTRAY.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-09 00:17 135664 ----atw- c:\documents and settings\Petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-11-11 09:57 1451520 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 14:57 282624 ----a-w- c:\program files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2010-01-08 00:36 974848 ----a-w- c:\program files\pdfforge Toolbar\SearchSettings.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-19 10:08 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\Petr\\Plocha\\uTorrent\\utorrent.exe"=
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [9.2.2010 23:04 11264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9.2.2010 2:33 114768]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [9.2.2010 21:50 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 5:54 66600]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 1:51 380928]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.2.2010 2:33 20560]
R2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [17.7.2009 15:32 3576320]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 8:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 8:24 1365288]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [16.2.2010 19:56 33792]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [9.2.2010 21:50 65576]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.2.2010 22:33 691696]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9.2.2010 2:24 135664]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\drivers\kvnet.sys [23.3.2009 11:25 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\windows\system32\DRIVERS\kwflower.sys --> c:\windows\system32\DRIVERS\kwflower.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [9.2.2010 2:55 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [9.2.2010 2:55 8320]
.
Obsah adresáře 'Naplánované úlohy'
2010-03-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 13:21]
2010-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 00:24]
2010-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 00:24]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\xdy4rr8q.default\
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-INPROCOMMWireless - c:\program files\Atheros\Wireless\Utility\WlanUtil.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-28 22:00
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Celkový čas: 2010-03-28 22:06:27
ComboFix-quarantined-files.txt 2010-03-28 20:06
Před spuštěním: Volných bajtů: 29 299 073 024
Po spuštění: Volných bajtů: 29 295 632 384
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - C3DE6672F3CEE019364F54A7EFBA47F4
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user:
Re: computer freezes after 5 minutes of running

- Install it following the guide in the link, then run a full scan.
- Do not delete anything
MBAM occasionally produces false detections and could delete, for example, system files.
- Paste the log here.
- Moteex
- Visitor
- Posts: 12
- Registered: 30 Oct 2006 00:04
- Location: Kladky
- Contact user:
Re: computer freezes after 5 minutes of running
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3924
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
28.3.2010 23:39:20
mbam-log-2010-03-28 (23-39-11).txt
Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 272803
Uplynulý čas: 1 hour(s), 19 minute(s), 51 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 4
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Program Files\Native Instruments\Guitar Rig 2\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\Steinberg\Cubase SX 3\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
C:\Program Files\Steinberg\Vstplugins\Hypersonic\Hypersonic Content\UNWISE.EXE (Malware.Packer.Morphine) -> No action taken.
E:\System Volume Information\_restore{701AFC22-16C4-4C65-B5D7-1A80813628CF}\RP321\A0087197.exe (Malware.Packer.Morphine) -> No action taken.
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user: