USB problem - SP3 or a virus?

#1 Post by mal.vir »

Hello,
I have a problem with USB. I know the flash drives work on other PCs, but on mine I cannot write to them. I also have a problem with the mouse, but since I used only the touchpad with my notebook for a long time, it did not bother me much. Still, the problem is there. Maybe it is related to HID .. I don't know.
When did I notice it? Recently, but most likely (that is, I don't use flash drives or the mouse much, so I don't know after which installation they stopped working) it was caused either by installing SP3 OR, the simpler option ... I have malware, a virus or some strange vermin in the guts of my notebook.

I am sending the RSIT log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Carlos at 2010-04-26 01:39:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (7%) free of 25 GB
Total RAM: 1023 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:39:50, on 26.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\SlickRun\sr.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Carlos\Plocha\viry.cz\1\02. RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Carlos.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://novinky.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - (no file)
O3 - Toolbar: DebugBar - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKCU\..\Run: [SlickRun] "C:\Program Files\SlickRun\sr.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Stáhnout všechny FlashGetem - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F29D7D2F-1844-4A15-A5E2-581C1B93F9C3}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: O2Micro Flash Memory Card Service (O2Flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 9828 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-12 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-12-08 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69FC0024-10EB-480A-BBF2-3BF4E78E17B1}]
DebugBar BHO - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll [2009-03-23 1083392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-12 520192]
{6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68}
{3E1201F4-1707-409F-BB45-A5F192381DA0} - DebugBar - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll [2009-03-23 742400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2006-06-29 89541]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SlickRun"=C:\Program Files\SlickRun\sr.exe [2007-03-21 187392]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-02-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:QIP 2005"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"D:\== sw ==\_net komunikace\miranda\Miranda_IM_Bagr_pack_v1.3.1 na flash\Miranda IM Bagr pack\miranda32.exe"="D:\== sw ==\_net komunikace\miranda\Miranda_IM_Bagr_pack_v1.3.1 na flash\Miranda IM Bagr pack\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.txt - open - C:\WINDOWS\NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2010-04-26 01:39:26 ----D---- C:\rsit
2010-04-20 17:42:10 ----D---- C:\Documents and Settings\Carlos\Data aplikací\OpenOffice.org
2010-04-20 17:33:44 ----D---- C:\Program Files\OpenOffice.org 3
2010-04-17 16:44:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-17 16:41:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-13 19:00:37 ----D---- C:\Program Files\Karen's Power Tools
2010-04-13 19:00:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Karen's Power Tools
2010-04-06 01:13:19 ----D---- C:\Program Files\A4Tech
2010-04-03 19:44:47 ----D---- C:\cmdcons
2010-03-31 18:11:05 ----RASH---- C:\Kopie - boot.ini
2010-03-29 23:56:59 ----D---- C:\Program Files\Common Files\Freedom Scientific
2010-03-29 23:56:51 ----D---- C:\Program Files\Common Files\soft602
2010-03-29 23:56:49 ----D---- C:\Program Files\Software602
2010-03-29 15:02:16 ----D---- C:\Program Files\CPUID
2010-03-27 18:08:57 ----D---- C:\Documents and Settings\Carlos\Data aplikací\TaskCoach

======List of files/folders modified in the last 1 months======

2010-04-26 01:39:33 ----D---- C:\WINDOWS\Prefetch
2010-04-26 01:39:28 ----D---- C:\WINDOWS\Temp
2010-04-26 00:30:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-04-25 23:46:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-25 23:44:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-25 23:42:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-25 23:31:06 ----D---- C:\WINDOWS
2010-04-25 22:08:56 ----SHD---- C:\System Volume Information
2010-04-25 22:08:56 ----D---- C:\WINDOWS\system32\Restore
2010-04-25 21:02:56 ----D---- C:\FF-zotero
2010-04-25 17:47:15 ----D---- C:\WINDOWS\system32
2010-04-25 13:26:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-24 01:40:10 ----D---- C:\Program Files\a-squared Free
2010-04-23 02:11:59 ----A---- C:\WINDOWS\system32\everest_cpl.ini
2010-04-22 22:40:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-22 22:39:03 ----D---- C:\WINDOWS\system32\drivers
2010-04-22 22:27:02 ----D---- C:\Program Files\SUPERAntiSpyware
2010-04-22 22:12:27 ----D---- C:\Program Files\FlashGet
2010-04-22 17:08:10 ----D---- C:\Program Files\NetBeans 6.7.1
2010-04-20 23:22:11 ----D---- C:\Documents and Settings\Carlos\Data aplikací\Skype
2010-04-20 21:00:57 ----D---- C:\Documents and Settings\Carlos\Data aplikací\skypePM
2010-04-20 20:34:33 ----A---- C:\WINDOWS\win.ini
2010-04-20 17:57:00 ----SHD---- C:\WINDOWS\Installer
2010-04-20 17:36:04 ----RSD---- C:\WINDOWS\assembly
2010-04-20 17:34:21 ----RSD---- C:\WINDOWS\Fonts
2010-04-20 17:33:44 ----D---- C:\Program Files
2010-04-19 13:51:05 ----D---- C:\WINDOWS\Debug
2010-04-19 09:21:14 ----HD---- C:\WINDOWS\inf
2010-04-18 13:46:08 ----D---- C:\Program Files\EasyPHP 3.0
2010-04-18 13:17:45 ----D---- C:\Program Files\Mozilla Firefox
2010-04-17 20:06:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-17 16:44:54 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-17 16:41:56 ----D---- C:\WINDOWS\WinSxS
2010-04-17 16:41:56 ----D---- C:\Program Files\MSXML 4.0
2010-04-17 16:40:37 ----D---- C:\Program Files\Internet Explorer
2010-04-13 23:44:58 ----D---- C:\Neznámý adresář
2010-04-13 23:44:28 ----D---- C:\nezname_01.27
2010-04-13 14:13:02 ----D---- C:\Documents and Settings\Carlos\Data aplikací\EssentialPIM Pro
2010-04-12 22:56:24 ----D---- C:\Downloads
2010-04-11 11:46:52 ----SHD---- C:\RECYCLER
2010-04-11 11:45:04 ----D---- C:\Documents and Settings
2010-04-09 16:51:18 ----D---- C:\WINDOWS\security
2010-04-07 12:45:32 ----D---- C:\temp
2010-04-06 10:52:56 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-01 15:50:44 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-31 18:12:43 ----RASH---- C:\boot.ini
2010-03-29 23:56:59 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 43008]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2004-05-29 9728]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 GhPciScan;GhostPciScanner; \??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-02-04 21275]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2003-05-28 17005]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 pxrts;pxrts; C:\WINDOWS\System32\drivers\pxrts.sys [2009-11-15 46768]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-06-29 1160320]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-02-26 3565568]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-06-07 27136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2006-06-01 236800]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amps2prt.sys [2007-05-14 14336]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service; C:\WINDOWS\system32\DRIVERS\AVerBDA3x.sys [2007-03-05 1176192]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-10-23 23000]
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\D:\== sw ==\_start cd\_system\info, benchmarky a testy\Everest Ultimate Edition V. 4.00.976\kerneld.wnt []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-03-03 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nrtap;NeoRouter Virtual Network Interface; C:\WINDOWS\system32\DRIVERS\nrtap.sys [2009-09-01 24576]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-17 78976]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-03-31 10301184]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2005-07-29 11736]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\WINDOWS\system32\NTACCESS.SYS []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 zebratap;NeoRouter Network Interface; C:\WINDOWS\system32\DRIVERS\zebratap.sys [2009-03-29 25216]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2010-04-16 1872320]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-02-25 602112]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 GhostStartService;GhostStartService; C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe [2003-05-28 200704]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 O2Flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Oz128 Driver\o2flash.exe [2007-02-12 65536]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-04 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-02-04 360192]
S3 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-02-04 603904]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
=============================
=============================
info.txt logfile of random's system information tool 1.06 2010-04-26 01:39:53

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
602XML Filler-->MsiExec.exe /X{E5C8C4ED-A76A-49F3-BDB8-56DEEE92F19B}
602XML podpora hlasového vystupu-->MsiExec.exe /X{6D5983E9-2655-4DE7-8278-2D6549732A9B}
AC3 DirectShow Audio Decoder-->C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_AC3 132 C:\WINDOWS\INF\AC3.inf
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 7.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A70000000000}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Agere Systems HDA Modem-->agrsmdel
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976749)-->"C:\WINDOWS\ie8updates\KB976749-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
AM-DeadLink 3.3-->"C:\Program Files\AM-DeadLink\unins000.exe"
AngelPotion Video Codec V1-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\AngelPotion Video Codec V1\Uninst.isu"
Archivátor WinRAR-->C:\Program Files\WinRAR\uninstall.exe
a-squared Free 3.5-->"C:\Program Files\a-squared Free\unins000.exe"
a-squared HiJackFree 3.1-->"C:\Program Files\a-squared HiJackFree\unins000.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avidemux 2.5-->C:\Program Files\Avidemux 2.5\uninstall.exe
Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_E04BFC62AB75C18018CA32A469FC44BA0E376B83\amdk8.inf
Balíček ovladače systému Windows - Advanced Micro Devices, Inc. (USB28xxBGA) Media (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\embda_754491038463AF55DC013DBF40581C2B1BFEE429\embda.inf
Balíček ovladače systému Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst32.exe /u C:\WINDOWS\system32\DRVSTORE\emaudio_754491038463AF55DC013DBF40581C2B1BFEE429\emaudio.inf
Bayden SlickRun (remove only)-->"C:\Program Files\SlickRun\uninst.exe"
BeClean-->"C:\Program Files\BeClean\unins000.exe"
BlueSoleil-->MsiExec.exe /X{E82C83C0-8897-4D91-949D-E051E3F24626}
BurnInTest v3.0 Pro-->"C:\Program Files\BurnInTest\unins000.exe"
Bytescout SWF To Image GUI 1.00 (FREEWARE)-->"C:\Program Files\Bytescout SWF To Image GUI\unins000.exe"
cam2pc (remove only)-->"C:\Program Files\cam2pc\uninstall.exe"
CaRevol Jet - Aquarium Skin-->C:\Program Files\CaRevol Jet\Uninstall.Aquarium.Skin.exe
CaRevol Jet-->C:\Program Files\CaRevol Jet\Uninstall.jet.exe
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CodeZulu Bind Maker-->MsiExec.exe /I{208B110E-76EA-45A9-9FFC-33597A68981C}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
Counter-Strike 1.6-->C:\Program Files\Counter-Strike 1.6\Uninstal.exe
CPUID HWMonitor 1.15-->"C:\Program Files\CPUID\HWMonitor\unins000.exe"
CSE HTML Validator Professional v6.01 Trial Version-->"C:\Program Files\HTMLValidator60\unins000.exe"
DebugBar v5.2.2 for Internet Explorer (remove only)-->"C:\Program Files\Core Services\DebugBar\uninstall.exe"
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Neatly-->C:\Program Files\Easy Neatly\uninstall.easyneatly.exe
EPIM Archiver-->C:\Program Files\EPIM Archiver\uninstall.exe
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
EssentialPIM Pro-->C:\Program Files\EssentialPIM Pro1.6\uninstall.exe
EssentialPIM-->C:\Program Files\EssentialPIM\uninstall.exe
FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
FLV to MP3 v1.00-->"C:\Program Files\FlvToMp3\unins000.exe"
Free CSS Toolbox 1.2-->"C:\Program Files\Free CSS Toolbox\unins000.exe"
Futuremark SystemInfo-->"C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -runfromtemp -l0x0009 -removeonly
Gifex 2.1 beta-->"C:\Program Files\GIF Icon Gallery\Gifex\unins000.exe"
GOM Player-->"C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
GPL Ghostscript 8.63-->C:\Program Files\gs\uninstgs.exe "C:\Program Files\gs\gs8.63\uninstal.txt"
GTK+ Runtime 2.14.7 rev a (odstranit)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe
Hard Drive Powerwash (Remove only)-->"C:\Program Files\Hard Drive Powerwash\uninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
IETester v0.3.3 (remove only)-->"C:\Program Files\Core Services\IETester\uninstall.exe"
Internet Explorer Developer Toolbar-->MsiExec.exe /I{E7081891-BC7F-43F9-9CE6-B5DD2F497156}
iolo technologies' System Mechanic 5 Professional-->C:\PROGRA~1\iolo\SYSTEM~1\UninstallSMPro.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java DB 10.4.2.1-->MsiExec.exe /X{926C96FB-9D0A-4504-8000-C6D3A4A3118E}
Java(TM) 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216017FF}
Java(TM) SE Development Kit 6 Update 16-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160160}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
jwDuplFiles 2.0-->"C:\Program Files\jwDuplFiles\unins000.exe"
Karen's LAN Monitor-->C:\Program Files\Karen's Power Tools\LAN Monitor\uninstall.exe
Kerio Personal Firewall-->MsiExec.exe /X{333BECA0-DED8-4139-A516-8D9E44E22669}
Links Manager 1.11-->"C:\Program Files\Links Manager\unins000.exe"
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
Magic Swf2Gif 1.35-->"C:\Program Files\Magic Swf2Gif\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Miranda IM KenDASS Pack v4.1-->"C:\Program Files\Miranda IM2\unins000.exe"
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3tag v2.45a-->C:\Program Files\Mp3tag\Mp3tagUninstall.EXE
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
MV2Player (remove only)-->C:\Program Files\Mv2Player\uninst.exe
Nepravidelná slovesa 3.0-->"C:\Program Files\Nepravidelná slovesa 3\unins000.exe"
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetBeans IDE 6.7.1-->"C:\Program Files\NetBeans 6.7.1\uninstall.exe"
Norton Ghost-->MsiExec.exe /I{BBAAACFA-B012-4367-ADDA-4DDCDFD48F96}
O2Micro Flash Memory Card Reader Driver Installer(x86)-->MsiExec.exe /X{372B31CF-77FB-4E29-860C-A0EA2985AB7F}
O2Micro Flash Memory Card Windows Driver V2.04-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{EB1B0104-6A57-446F-B855-FDF49151BE0C} /l1033
OpenOffice.org 3.2 Language Pack (Czech)-->MsiExec.exe /I{1BDB1D84-C653-457B-AC1E-33997E288E91}
OpenOffice.org 3.2-->MsiExec.exe /I{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
PC Connectivity Solution-->MsiExec.exe /I{D848D140-41C3-4A53-86D8-E866A100B4CD}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
PDFill PDF Editor with FREE PDF Writer and Tools-->MsiExec.exe /I{262C7F33-8251-432E-88C1-E9F42A53F8F0}
PHP Designer 2007 - Personal - version 5.0.2-->"C:\Program Files\PHP Designer 2007 - Personal\unins000.exe"
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
Quick Poker (remove only)-->"C:\Program Files\Quick Poker\uninst.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Rainlendar2 (remove only)-->"C:\Program Files\Rainlendar2\uninst.exe"
Ralink Wireless LAN Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAB1F336-1B7C-4057-A7BC-2922CD82A781}\setup.exe" -l0x9 -removeonly
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
REALTEK PCIE NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E2F183-BAC4-4D01-BD7A-59F781E17EFA}\Setup.exe" -l0x5 REMOVE
Recuva-->"C:\Program Files\Recuva\uninst.exe"
RentASoft Image Converter v2.3-->"C:\Program Files\RentASoft\Image Converter\unins000.exe"
SIW version 2009-05-12-->"C:\Program Files\SIW\unins000.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Smart Defrag 1.20-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Smart-X7 7.80-->C:\Program Files\A4Tech\Mouse\Uninst32.exe
SoundTap Streaming Audio Recorder-->C:\Program Files\NCH Swift Sound\SoundTap\uninst.exe
Sprinx PTimer 1.5.4-->"C:\Program Files\Sprinx Systems\Sprinx PTimer\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SWF Extractor 2.3-->"C:\Program Files\GlobFX\SWF Extractor\unins000.exe"
Swift To-Do List Lite 1.33-->"C:\Program Files\Swift To-Do List\unins000.exe"
System Cleaner 5-->C:\Program Files\Pointstone\System Cleaner 5\Uninstall.exe
TC PowerPack 1.7-->C:\Program Files\TC PowerPack\uninstall.exe
TenLittleIndians-->MsiExec.exe /I{12BA5DFC-4BE2-4F07-BE38-5BDC50789B35}
TextMaker Viewer-->C:\WINDOWS\untmv.exe
TheSage-->"C:\Program Files\TheSage\uninstall.exe"
Transmute v1.56-->MsiExec.exe /X{521DF6C8-7ECD-491B-B0E4-4BA84C617646}
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
UnderCoverXP 1.20-->"C:\Program Files\UnderCoverXP\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
USB2.0 PC Camera (SN9C201&202)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\Setup.exe" -l0x9
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
WavePad Sound Editor-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinHTTrack Website Copier 3.43-3-->"C:\Program Files\WinHTTrack\unins000.exe"
Yaho's Miranda Pack - Light 4.6-->"C:\Program Files\Yaho's Miranda IM_4.6\unins000.exe"

======Hosts File======

127.0.0.1 localhost
127.0.0.1 sq
127.0.0.1 sq2
127.0.0.1 cat_nabytek.zoe
127.0.0.1 auknet2.zoe
127.0.0.1 korunark.zoe
127.0.0.1 vrbenska.zoe
127.0.0.1 urban.zoe
127.0.0.1 pubrestaurants2.zoe
127.0.0.1 moira-diskuze.zoe

======Security center information======

AV: ESET NOD32 Antivirus 4.0
FW: Kerio Personal Firewall

======System event log======

Computer Name: TAEK
Event Code: 1
Message: \Device\ACPIEC: Hardware vloženého řadiče (EC) neodpověděl v daném časovém limitu. To může znamenat, že došlo k chybě v hardwaru řadiče nebo ve firmwaru nebo že je nesprávně navržen systém BIOS, který k vloženému řadiči přistupuje nebezpečným způsobem. Řadič EC v případě možnosti zopakuje transakci, která se nezdařila.

Record Number: 94577
Source Name: ACPIEC
Time Written: 20100418210746.000000+120
Event Type: Chyba
User:

Computer Name: TAEK
Event Code: 1
Message: \Device\ACPIEC: Hardware vloženého řadiče (EC) neodpověděl v daném časovém limitu. To může znamenat, že došlo k chybě v hardwaru řadiče nebo ve firmwaru nebo že je nesprávně navržen systém BIOS, který k vloženému řadiči přistupuje nebezpečným způsobem. Řadič EC v případě možnosti zopakuje transakci, která se nezdařila.

Record Number: 94576
Source Name: ACPIEC
Time Written: 20100418210403.000000+120
Event Type: Chyba
User:

Computer Name: TAEK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{F29D7D2F-1844-4A15-A5E2-581C1B93F9C3} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 94575
Source Name: Tcpip
Time Written: 20100418210329.000000+120
Event Type: Informace
User:

Computer Name: TAEK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{F29D7D2F-1844-4A15-A5E2-581C1B93F9C3} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 94574
Source Name: Tcpip
Time Written: 20100418210314.000000+120
Event Type: Informace
User:

Computer Name: TAEK
Event Code: 1
Message: \Device\ACPIEC: Hardware vloženého řadiče (EC) neodpověděl v daném časovém limitu. To může znamenat, že došlo k chybě v hardwaru řadiče nebo ve firmwaru nebo že je nesprávně navržen systém BIOS, který k vloženému řadiči přistupuje nebezpečným způsobem. Řadič EC v případě možnosti zopakuje transakci, která se nezdařila.

Record Number: 94573
Source Name: ACPIEC
Time Written: 20100418210309.000000+120
Event Type: Chyba
User:

=====Application event log=====

Computer Name: TAEK
Event Code: 0
Message:
Record Number: 112
Source Name: GhostStartService
Time Written: 20090821111948.000000+120
Event Type: Informace
User:

Computer Name: TAEK
Event Code: 1005
Message: Služba Windows Installer vyvolala restart systému k dokončení či pokračování konfigurace Microsoft Office Professional Edition 2003.
Record Number: 111
Source Name: MsiInstaller
Time Written: 20090821031726.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: TAEK
Event Code: 11728
Message: Produkt: Microsoft Office Professional Edition 2003 - Konfigurace byla úspěšně dokončena.

Record Number: 110
Source Name: MsiInstaller
Time Written: 20090821031726.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: TAEK
Event Code: 1022
Message: Aktualizace Aktualizace SP-3 (Service Pack 3) produktu Office 2003: MAINSP3 produktu Microsoft Office Professional Edition 2003 byla úspěšně nainstalována.

Record Number: 109
Source Name: MsiInstaller
Time Written: 20090821031726.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: TAEK
Event Code: 1025
Message: Produkt Microsoft Office Professional Edition 2003: Soubor C:\Program Files\Common Files\SYSTEM\MSMAPI\1029\MSMAPI32.DLL je používán jiným procesem (Název: jqs , ID: 1484).

Record Number: 108
Source Name: MsiInstaller
Time Written: 20090821031544.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\Symantec\Norton Ghost 2003;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 36 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2402
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: USB problem - SP3 or a virus?

#2 Post by JaRon »

Look in Hardware - Device Manager > are there any "yellow or red problems" there?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#3 Post by mal.vir »

Everything is OK in Device Manager.

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: USB problem - SP3 or a virus?

#4 Post by JaRon »

Download ComboFix and save it to the desktop.

Then run it under an account with administrator privileges.

The process takes approx. 5-10 minutes, sometimes longer. Do not run any other applications during the scan.

There is no reason to panic if the machine is restarted.
Note: if you use antispyware with a resident shield, turn it off before the scan.

After the restart the application creates a log saved at C:\Combofix.txt (paste its contents here).

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#5 Post by mal.vir »

I'm not sure how it is with the privileges. I'd say my Windows account has administrator privileges (labelled "Správce" in Windows), but in safe mode I have an admin account that only shows up in safe mode.

So which one should I use? In safe mode everything runs much more slowly (judging by scans with some of my antispy* software).

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: USB problem - SP3 or a virus?

#6 Post by motji »

Apologies for stepping in - covering for a colleague :)
You can do it in normal mode, as long as it isn't a limited account, which it probably isn't :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I'm usually reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#7 Post by mal.vir »

I'm on it.
I don't work in a limited account; I could hardly do anything that way :wink:

So I'll restart the OS so that nothing gets in the way, and turn off NOD Antivirus and the Kerio firewall. There will probably be a2service (= A-squared) among the services.

If everything goes as it should, the ComboFix log will be here within half an hour :)

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#8 Post by mal.vir »

How I proceeded is described above; however, after the restart and launching ComboFix a Warning window appeared:
"CD-emulation drivers are running on this machine. ComboFix needs disable item."
Then an error occurred (something about a DLL for a brief moment, and a restart).

The scan never happened. Should I run CF once more? :(

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#9 Post by mal.vir »

Please let me know if anything is non-standard or if something is wrong. Thank you.

- On the first run of CF a warning appeared:
CD-emulation drivers are running on this machine, and that CF would disable it.
- Then an error occurred (something about a DLL library, but it was quick and I didn't manage to read it), and it restarted
- No scan took place
- I opened msconfig and, to be safe, disabled the startup of Kerio and NOD
- I restarted
- I uninstalled CF (combofix /uninstall)
- I ran CF again and it was OK; however, CF detected that I had NOD Ant.4 turned on, which it apparently wasn't, because it was unchecked in msconfig, it didn't appear next to the clock, and egui wasn't in Task Manager. Maybe NOD has some other process. I don't know. Anyway, I clicked OK and accepted this message
- The message appeared again, saying that CF would continue and that I would be acting at my own risk. I clicked OK (what else can I do), since I don't know how else to turn NOD off
- CF is finally working in a blue window
- CF wants to install the "Recovery Console" -> I click OK
- console installed
- CF is finally scanning
- I have the LOG from CF

ComboFix 10-04-21.01 - Carlos 26.04.2010 17:46:06.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.593 [GMT 2:00]
Spuštěný z: c:\documents and settings\Carlos\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Kerio Personal Firewall *enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-26 do 2010-04-26 )))))))))))))))))))))))))))))))
.

2010-04-20 15:33 . 2010-04-20 15:33 -------- d-----w- c:\program files\OpenOffice.org 3
2010-04-16 20:51 . 2010-04-16 20:57 3532 ----a-w- C:\drmHeader.bin
2010-04-13 17:00 . 2010-04-13 17:00 -------- d-----w- c:\program files\Karen's Power Tools
2010-04-11 09:48 . 2010-04-11 09:48 -------- d-sh--w- c:\documents and settings\acq\PrivacIE
2010-04-05 23:13 . 2010-04-05 23:13 -------- d-----w- c:\program files\A4Tech
2010-03-29 21:56 . 2010-03-29 21:56 -------- d-----w- c:\program files\Common Files\Freedom Scientific
2010-03-29 21:56 . 2010-03-29 21:56 -------- d-----w- c:\program files\Common Files\soft602
2010-03-29 21:56 . 2010-03-29 21:56 -------- d-----w- c:\program files\Software602
2010-03-29 13:02 . 2009-03-26 23:16 12672 ----a-w- c:\windows\system32\drivers\cpuz132_x32.sys
2010-03-29 13:02 . 2010-03-29 13:02 -------- d-----w- c:\program files\CPUID

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-26 15:10 . 2010-04-26 15:10 100 ----a-w- c:\windows\system32\drivers\fwdrv.err
2010-04-23 23:40 . 2009-02-04 20:58 -------- d-----w- c:\program files\a-squared Free
2010-04-22 20:40 . 2009-12-08 20:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-22 20:27 . 2009-12-11 08:49 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-22 20:12 . 2009-02-23 11:21 -------- d-----w- c:\program files\FlashGet
2010-04-22 15:08 . 2009-08-24 12:59 -------- d-----w- c:\program files\NetBeans 6.7.1
2010-04-18 11:46 . 2009-06-25 14:42 -------- d-----w- c:\program files\EasyPHP 3.0
2010-04-17 18:07 . 2001-10-25 14:00 79818 ----a-w- c:\windows\system32\perfc005.dat
2010-04-17 18:07 . 2001-10-25 14:00 433028 ----a-w- c:\windows\system32\perfh005.dat
2010-04-17 14:41 . 2009-02-16 10:05 -------- d-----w- c:\program files\MSXML 4.0
2010-03-29 22:46 . 2009-12-08 20:57 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2009-12-08 20:57 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-26 21:56 . 2010-03-24 14:05 -------- d-----w- c:\program files\BurnInTest
2010-03-26 21:17 . 2010-03-02 16:23 -------- d-----w- c:\program files\Setup Files
2010-03-24 14:24 . 2009-04-11 09:45 -------- d-----w- c:\program files\BeClean
2010-03-24 09:01 . 2009-10-19 13:39 -------- d-----w- c:\program files\ElcomSoft
2010-03-19 00:37 . 2010-03-19 00:37 -------- d-----w- c:\program files\Swift To-Do List
2010-03-17 21:45 . 2010-03-13 18:09 -------- d-----w- c:\program files\Free Easy Burner
2010-03-17 18:12 . 2010-01-24 20:17 -------- d-----w- c:\program files\Yaho's Miranda IM_4.6
2010-03-16 00:04 . 2010-03-16 00:03 -------- d-----w- c:\program files\DivX
2010-03-16 00:03 . 2010-03-16 00:03 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-03-15 11:12 . 2010-03-15 11:12 -------- d-----w- c:\program files\EssentialPIM Pro1.6
2010-03-11 11:30 . 2009-03-02 22:59 -------- d-----w- c:\program files\Winamp
2010-03-10 06:17 . 2004-08-17 13:49 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-03 16:17 . 2009-02-05 00:58 -------- d-----w- c:\program files\Java
2010-03-03 15:08 . 2010-03-03 15:08 -------- d-----w- c:\program files\Common Files\Java
2010-03-03 11:55 . 2009-09-23 08:41 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-03-03 11:42 . 2010-03-03 11:41 -------- d-----w- c:\program files\EPIM Archiver
2010-03-02 18:13 . 2010-03-02 18:13 -------- d-----w- c:\program files\IVT Corporation
2010-03-02 18:09 . 2010-03-02 18:09 -------- d-----w- c:\program files\Common Files\snp2std
2010-03-02 18:09 . 2009-02-04 15:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-02 16:21 . 2010-03-02 16:20 -------- d-----w- c:\program files\MSI
2010-03-02 13:05 . 2009-08-23 21:52 -------- d-----w- c:\program files\TortoiseSVN
2010-03-01 21:06 . 2009-09-21 18:42 -------- d-----w- c:\program files\CaRevol Jet
2010-02-27 16:50 . 2009-02-04 14:53 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-27 16:50 . 2009-02-04 14:53 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-27 14:29 . 2009-07-10 11:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-25 06:18 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-03 21:15 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2004-08-17 13:45 2192128 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2004-08-17 15:45 2068992 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 21:04 . 2010-02-12 21:04 8 ----a-w- C:\xtrinit5.dat
2010-02-12 04:35 . 2004-08-17 13:49 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-03 21:07 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-09 11:48 . 2010-02-09 11:48 0 -c--a-w- c:\windows\ativpsrm.bin
2010-02-08 16:12 . 2010-02-08 16:12 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-08 16:06 . 2010-02-08 16:06 682232 ----a-w- c:\windows\system32\drivers\sptd.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SlickRun"="c:\program files\SlickRun\sr.exe" [2007-03-21 187392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 14:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2009-05-14 13:47 2029640 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2]
2009-08-22 10:31 5148672 ----a-w- c:\program files\Rainlendar2\Rainlendar2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlickRun]
2007-03-21 07:59 187392 ----a-w- c:\program files\SlickRun\sr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"KPF4"=2 (0x2)
"ekrn"=2 (0x2)
"EhttpSrv"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"tsnp2std"=c:\windows\tsnp2std.exe
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"snp2std"=c:\windows\vsnp2std.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\FlashGet\\flashget.exe"=
"d:\\== sw ==\\_net komunikace\\miranda\\Miranda_IM_Bagr_pack_v1.3.1 na flash\\Miranda IM Bagr pack\\miranda32.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 16:00 39680]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 17:01 35712]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 15:49 94360]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 12:05 286720]
R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [28.5.2003 20:01 5632]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 12:05 81920]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [15.9.2009 12:42 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15.9.2009 12:42 66632]
R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [4.2.2009 22:58 1872320]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [15.11.2009 16:07 46768]
R3 NCHSSVAD;SoundTap Recorder;c:\windows\system32\drivers\nchssvad.sys [7.6.2009 16:00 27136]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [14.5.2007 23:40 14336]
S3 AVerBDA3x;AVerMedia SAA713x BDA Service;c:\windows\system32\drivers\AVerBDA3x.sys [20.8.2009 0:23 1176192]
S3 nrtap;NeoRouter Virtual Network Interface;c:\windows\system32\drivers\nrtap.sys [1.9.2009 21:06 24576]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15.9.2009 12:42 12872]
S3 WEBNTACCESS;WEBNTACCESS;c:\windows\system32\Ntaccess.sys [14.4.2008 3:21 17920]
S3 zebratap;NeoRouter Network Interface;c:\windows\system32\drivers\zebratap.sys [29.3.2009 22:24 25216]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.2.2010 18:06 682232]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-04-26 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-04-16 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://novinky.cz/
uDefault_Search_URL = hxxp://www.google.com/
uLocal Page =
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: &Stáhnout FlashGetem - c:\program files\FlashGet\jc_link.htm
IE: &Stáhnout všechny FlashGetem - c:\program files\FlashGet\jc_all.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: {F29D7D2F-1844-4A15-A5E2-581C1B93F9C3} = 208.67.222.222,208.67.220.220
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Carlos\Data aplikací\Mozilla\Firefox\Profiles\h2ou1wgz.defaultni\
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-26 17:54
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1608)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3032)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2010-04-26 17:59:16
ComboFix-quarantined-files.txt 2010-04-26 15:59

Před spuštěním: 1 589 805 056
Po spuštění: 1 844 060 160

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

Current=3 Default=3 Failed=2 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 2FEADEE39FB7F15F11B1CDBB60093222

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: USB problem - SP3 or a virus?

#10 Post by JaRon »

You did everything correctly, but this is not going to be a virus problem...
Also try checking the USB settings in the BIOS to see whether something is disabled,
or try asking at forum.zive.cz.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#11 Post by mal.vir »

There is only one mention of USB in the BIOS, and I have Support set to Enabled.

It just seems strange to me. I have both the original mouse drivers and the ones from the web, and besides, the mouse worked for over a year ... and suddenly it tells me that the USB device was not recognized (a balloon by the clock), and in Device Manager both mouse entries (HID device and HID mouse) are missing.
And it is also strange that writing to flash drives does not work. After all, the USB read the data, so it must be able to write it too. That seems logical to me ;)

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: USB problem - SP3 or a virus?

#12 Post by JaRon »

This is a USB problem.
If the hardware has died, there is nothing you can do about it...
If the drivers just got messed up somehow, then there is a chance :) Try removing everything USB-related that you can, restart, and let the system reinstall the drivers.

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#13 Post by mal.vir »

So I uninstalled USB (everything that was there) and restarted. Windows reinstalled it after the restart, but nothing improved. So which hardware should I replace?

Are the RSIT and ComboFix logs OK? Should I uninstall anything? Thanks

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: USB problem - SP3 or a virus?

#14 Post by JaRon »

You can uninstall ComboFix and delete the RSIT directory.
As for USB: usually the USB part of the motherboard "dies" and there is nothing you can do about it. The solution is either buying a USB card for a PCI slot or replacing the whole motherboard. But I recommend having a knowledgeable person take a look at it as well; often a single look tells more than a multi-page description :wink:

mal.vir
Visitor
Posts: 102
Registered: 08 Dec 2009 14:44

Re: USB problem - SP3 or a virus?

#15 Post by mal.vir »

OK, thanks. Just the answer about the RSIT and ComboFix logs still. Are they OK?
:)
