PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Preventive check please, thank you

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Papec
Visitor
Posts: 8
Registered: 19 May 2010 23:16

#1 Post by Papec »

Hello, I'd like a preventive check, please. The antivirus is only a trial version of NOD. Thanks.

Here is the log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Tomik at 2010-05-20 00:12:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 236 MB (0%) free of 50 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:12:25, on 20.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Documents and Settings\Tomik\Plocha\Čistič registrů\RSIT.exe
C:\Documents and Settings\Tomik\Plocha\Čistič registrů\Tomik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://codecs.r8.org/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {42FDA9B0-4EF4-4676-871A-AAD4CE4B8A82} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashCatchBHO Class - {88618A96-6D8A-42E7-B932-9073D5B2080F} - C:\Program Files\FlashCatch\flashcatch.dll
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: (no name) - {FAC0D4CE-252C-4114-AD33-2B96C65628B3} - (no file)
O3 - Toolbar: (no name) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - (no file)
O3 - Toolbar: (no name) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: FlashCatch - {10CECF4F-A96E-4803-8AC2-F565FB29FF47} - C:\Program Files\FlashCatch\flashcatch.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [SpeedStartup] C:\Program Files\Speed Startup\speedstartup.exe bootup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [SpeedStartup] C:\Program Files\Speed Startup\speedstartup.exe bootup (User 'Default user')
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe (file missing)
O23 - Service: AVG WatchDog (avg9wd) - Unknown owner - C:\Program Files\AVG\AVG9\avgwdsvc.exe (file missing)
O23 - Service: AVG Firewall (avgfws9) - Unknown owner - C:\Program Files\AVG\AVG9\avgfws9.exe (file missing)
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - Unknown owner - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9a8c3a9513872) (gupdate1c9a8c3a9513872) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Tomik/LOCALS~1/Temp/msohtml1/01/clip_image002.gif

--
End of file - 9892 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\PCConfidential.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-06-30 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42FDA9B0-4EF4-4676-871A-AAD4CE4B8A82}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88618A96-6D8A-42E7-B932-9073D5B2080F}]
FlashCatchBHO Class - C:\Program Files\FlashCatch\flashcatch.dll [2010-01-24 2265320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FAC0D4CE-252C-4114-AD33-2B96C65628B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75}
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-06-30 491520]
{10CECF4F-A96E-4803-8AC2-F565FB29FF47} - FlashCatch - C:\Program Files\FlashCatch\flashcatch.dll [2010-01-24 2265320]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-11-16 2054360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WEBTRAN"= []
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer]
C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1970176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2010-01-19 64032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-04-04 165784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flag]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GTablet]
C:\PROGRA~1\GENIUS~1\GTablet.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
C:\WINDOWS\Logi_MwX.Exe [2004-03-03 19968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M1000Mnt]
M1000Rmv.exe /StartStillMnt []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [2007-11-06 3096576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-03-20 1312256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2010-01-19 18790432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2010-01-19 1833504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Styler]
C:\Program Files\Styler\Styler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]
C:\Documents and Settings\All Users\Data aplikací\SystemKey\SystemKey.dll [2006-04-07 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIWatcher]
C:\Program Files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTooltip]
C:\Program Files\VisualTooltip\VisualToolTip.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WEBTRAN]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2006-03-20 327680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]
C:\Program Files\Logitech\iTouch\iTouch.exe [2004-03-18 892928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomik^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
avgrsstx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2008-10-16 87352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\vturr.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\QIP Infium JadrisPack\infium.exe"="C:\QIP Infium JadrisPack\infium.exe:*:Enabled:infium"
"C:\Program Files\Mobiola Remote Control for S60\RemoteControlServer_S60.EXE"="C:\Program Files\Mobiola Remote Control for S60\RemoteControlServer_S60.EXE:*:Enabled:Mobiola ® Remote Control Server"
"D:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe"="D:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Game"
"D:\Program Files\Mass Effect 2\MassEffect2Launcher.exe"="D:\Program Files\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Launcher"
"D:\Command & Conquer 3 Kane's Wrath\RetailExe\1.0\cnc3ep1.dat"="D:\Command & Conquer 3 Kane's Wrath\RetailExe\1.0\cnc3ep1.dat:*:Enabled:Command & Conquer(tm) 3: Kane's Wrath"
"C:\Documents and Settings\Tomik\Local Settings\Temp\ElectronicArts_Patcher_000.exe"="C:\Documents and Settings\Tomik\Local Settings\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000"
"D:\Command & Conquer 3 Kane's Wrath\RetailExe\1.2\cnc3ep1.dat"="D:\Command & Conquer 3 Kane's Wrath\RetailExe\1.2\cnc3ep1.dat:*:Enabled:Command & Conquer(tm) 3: Kane's Wrath"
"C:\Program Files\Invisible Browsing\InvisibleBrowsing.exe"="C:\Program Files\Invisible Browsing\InvisibleBrowsing.exe:*:Enabled:Invisible Browsing"
"D:\Program Files\Rise of Nations\rise.exe"="D:\Program Files\Rise of Nations\rise.exe:*:Enabled:Rise of Nations"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad656883-21c1-11dc-8716-806d6172696f}]
shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5a0ef01-faf8-11de-bbe6-001617d43356}]
shell\AutoRun\command - I:\autorun.exe -auto

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cfcca1ed-89f3-11dc-b001-001617d43356}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - F:\Recycled\ctfmon.exe


======File associations======

.bat - edit -
.cmd - edit -
.inf - open -
.ini - open - notepad.exe %1
.js - edit -
.reg - edit -
.txt - open - notepad.exe %1
.vbs - edit -

======List of files/folders created in the last 3 months======

2010-05-17 10:07:23 ----D---- C:\Program Files\Virus Removal Tool
2010-05-16 14:15:59 ----D---- C:\MPS
2010-05-12 22:15:51 ----D---- C:\Program Files\OpenTTD
2010-04-27 20:02:58 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-04-27 20:01:48 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-04-27 19:54:57 ----D---- C:\Program Files\PC Connectivity Solution
2010-04-27 19:54:02 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-04-27 19:54:02 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-04-13 17:42:31 ----D---- C:\MyDownloads
2010-04-12 16:55:26 ----A---- C:\WINDOWS\system32\TubeFinder.exe
2010-04-12 16:54:55 ----A---- C:\WINDOWS\system32\PCCLPFR.DLL
2010-04-12 16:54:51 ----D---- C:\Program Files\Free FLV Converter
2010-04-12 16:54:51 ----D---- C:\Documents and Settings\Tomik\Data aplikací\FreeFLVConverter
2010-04-09 14:08:59 ----A---- C:\WINDOWS\system32\avgfwdx.dll
2010-04-09 14:08:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\avg9
2010-04-07 23:00:10 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Ashampoo
2010-04-06 15:47:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2010-04-05 22:37:56 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Malwarebytes
2010-04-05 22:37:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-05 22:37:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-05 18:49:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\SITEguard
2010-04-05 18:47:53 ----D---- C:\Program Files\Common Files\iS3
2010-04-05 18:47:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\STOPzilla!
2010-04-01 14:48:43 ----AC---- C:\WINDOWS\crywmvtoavi.ini
2010-04-01 14:48:12 ----D---- C:\Program Files\Crystal Software
2010-04-01 14:42:44 ----D---- C:\Program Files\Witcobber
2010-03-28 13:01:30 ----D---- C:\Program Files\Ashampoo
2010-03-23 23:05:08 ----H---- C:\Documents and Settings\Tomik\Data aplikací\xpy.ini
2010-03-23 22:35:49 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Canneverbe Limited
2010-03-23 22:34:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2010-03-23 22:16:49 ----D---- C:\Program Files\Foxit Software
2010-03-23 22:16:49 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Foxit
2010-03-23 20:47:44 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-02-23 13:10:13 ----D---- C:\Documents and Settings\Tomik\Data aplikací\uTorrent
2010-02-21 19:19:09 ----D---- C:\QIP Infium JadrisPack

======List of files/folders modified in the last 3 months======

2010-05-20 00:12:09 ----D---- C:\WINDOWS\Temp
2010-05-20 00:12:06 ----D---- C:\WINDOWS\Prefetch
2010-05-20 00:09:52 ----RSD---- C:\WINDOWS\assembly
2010-05-20 00:09:52 ----HD---- C:\Config.Msi
2010-05-20 00:09:47 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-05-20 00:09:41 ----SHD---- C:\WINDOWS\Installer
2010-05-19 23:56:44 ----A---- C:\WINDOWS\Wincmd.ini
2010-05-19 23:23:08 ----D---- C:\Program Files\Mozilla Firefox
2010-05-19 23:17:12 ----D---- C:\WINDOWS
2010-05-19 23:17:12 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-05-19 22:23:39 ----SD---- C:\WINDOWS\Tasks
2010-05-19 20:37:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-19 18:34:54 ----D---- C:\WINDOWS\Help
2010-05-19 12:04:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-19 12:03:53 ----D---- C:\WINDOWS\system32\drivers
2010-05-19 10:16:49 ----A---- C:\WINDOWS\TRNCOM.INI
2010-05-18 19:43:01 ----HD---- C:\WINDOWS\inf
2010-05-17 14:45:02 ----D---- C:\WINDOWS\system32
2010-05-17 14:45:00 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-17 11:01:18 ----SHD---- C:\System Volume Information
2010-05-17 10:07:23 ----D---- C:\Program Files
2010-05-16 20:25:01 ----D---- C:\Program Files\Lavalys
2010-05-16 14:34:53 ----D---- C:\Documents and Settings\Tomik\Data aplikací\foobar2000
2010-05-16 14:34:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-16 10:45:50 ----D---- C:\WINDOWS\system32\config
2010-05-16 10:43:03 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Skype
2010-05-16 10:42:14 ----D---- C:\Program Files\Screamer Radio
2010-05-16 10:41:41 ----D---- C:\Program Files\ReadManiac
2010-05-15 15:03:42 ----D---- C:\Program Files\CCleaner
2010-05-14 17:45:52 ----D---- C:\WINDOWS\Debug
2010-05-13 16:21:36 ----D---- C:\Temp
2010-05-12 12:01:41 ----D---- C:\Program Files\Outlook Express
2010-05-12 10:46:42 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-06 23:52:51 ----AC---- C:\WINDOWS\WTRAN32.INI
2010-05-06 10:36:38 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-05-06 06:01:47 ----AC---- C:\WINDOWS\Wdict32.INI
2010-05-02 21:42:53 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Adobe
2010-04-30 20:51:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-29 16:00:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-04-29 15:32:45 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-27 23:25:52 ----D---- C:\Program Files\NSS
2010-04-27 19:55:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-04-27 19:55:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-27 19:53:44 ----D---- C:\Program Files\Nokia
2010-04-27 19:51:04 ----D---- C:\Program Files\Common Files\Nokia
2010-04-27 19:00:35 ----D---- C:\Documents and Settings\Tomik\Data aplikací\PC Suite
2010-04-27 18:26:52 ----D---- C:\WINDOWS\system32\Macromed
2010-04-17 11:04:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-17 11:02:41 ----D---- C:\WINDOWS\WinSxS
2010-04-13 18:06:39 ----D---- C:\Program Files\DsNET Corp
2010-04-10 15:08:25 ----D---- C:\Program Files\Native Instruments
2010-04-10 12:41:23 ----RSD---- C:\WINDOWS\Fonts
2010-04-10 12:41:01 ----D---- C:\Program Files\OpenOffice.org 3
2010-04-09 23:19:07 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-09 14:04:35 ----D---- C:\Documents and Settings
2010-04-08 21:07:23 ----D---- C:\WINDOWS\pss
2010-04-07 23:00:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
2010-04-06 11:40:49 ----A---- C:\WINDOWS\win.ini
2010-04-05 18:57:54 ----D---- C:\WINDOWS\Minidump
2010-03-31 23:00:04 ----D---- C:\WINDOWS\system32\cs-cz
2010-03-31 23:00:03 ----D---- C:\Program Files\Internet Explorer
2010-03-29 20:03:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-28 13:31:59 ----D---- C:\Program Files\VirtualDJ
2010-03-28 13:26:57 ----D---- C:\Program Files\Game-Cloner
2010-03-23 22:41:11 ----D---- C:\Program Files\Common Files\Ahead
2010-03-23 22:41:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-03-23 22:18:04 ----D---- C:\Program Files\Common Files\Adobe
2010-03-23 22:17:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-03-23 22:08:50 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Easy Duplicate Finder
2010-03-23 21:11:53 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-03-16 20:38:11 ----D---- C:\Program Files\foobar2000
2010-03-15 21:20:02 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Image Zone Express
2010-03-11 14:36:24 ----A---- C:\WINDOWS\system32\wininet.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\url.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\occache.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\mstime.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\msrating.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-03-11 14:36:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-03-11 14:36:22 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\icardie.dll
2010-03-11 14:36:21 ----A---- C:\WINDOWS\system32\extmgr.dll
2010-03-11 14:36:20 ----N---- C:\WINDOWS\system32\corpol.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-03-11 14:36:20 ----A---- C:\WINDOWS\system32\advpack.dll
2010-03-10 15:17:16 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-03-10 15:17:16 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2010-03-10 13:04:51 ----D---- C:\Program Files\Movie Maker
2010-03-09 13:11:23 ----A---- C:\WINDOWS\system32\vbscript.dll
2010-03-01 21:31:12 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-01 20:57:33 ----D---- C:\Documents and Settings\Tomik\Data aplikací\Microsoft Games
2010-02-26 13:32:50 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-02-24 20:31:34 ----D---- C:\Program Files\RapidDown
2010-02-24 20:04:09 ----D---- C:\Program Files\FlashCatch
2010-02-23 07:18:28 ----A---- C:\WINDOWS\system32\ieakui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 78501051;78501051; C:\WINDOWS\system32\DRIVERS\78501051.sys [2009-09-25 128016]
R1 78516071;78516071; C:\WINDOWS\system32\DRIVERS\78516071.sys [2009-09-25 128016]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 setup_9.0.0.722_09.04.2010_23-08drv;setup_9.0.0.722_09.04.2010_23-08drv; C:\WINDOWS\system32\DRIVERS\7850105.sys [2009-10-09 315408]
R1 setup_9.0.0.722_17.05.2010_11-24drv;setup_9.0.0.722_17.05.2010_11-24drv; C:\WINDOWS\system32\DRIVERS\7851607.sys [2009-10-09 315408]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-07-15 271360]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-07-15 18048]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-04-09 30104]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-01-19 5818400]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-11-02 10368]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys []
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys []
S1 AvgTdiX;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys []
S3 a0icbdwh;a0icbdwh; C:\WINDOWS\system32\drivers\a0icbdwh.sys []
S3 a60smzx6;a60smzx6; C:\WINDOWS\system32\drivers\a60smzx6.sys []
S3 AEXPAM;Philips SmartManage Service; C:\WINDOWS\System32\Drivers\aexpamdrv.sys [2005-12-20 27008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AsAudioDevice_351;AsAudioDevice_351; C:\WINDOWS\system32\drivers\AsAudioDevice_351.sys [2009-01-08 16640]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2010-04-09 30104]
S3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
S3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
S3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-04-22 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2006-03-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2006-03-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2006-03-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2006-03-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2006-03-13 79488]
S3 L8042PR2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\System32\Drivers\l8042pr2.sys [2004-03-03 51729]
S3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\System32\Drivers\LMouFlt2.sys [2004-03-03 70801]
S3 M1000Srv;M5603C USB2.0 Camera Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-14 5810]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys []
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-10 47360]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s115mgmt.sys [2007-04-23 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\WINDOWS\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\WINDOWS\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 utg4njgy;AVZ Kernel Driver; \??\C:\WINDOWS\system32\Drivers\utg4njgy.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-05-06 232064]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 NVSvc;WinFast(R) Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe []
S2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe []
S2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent []
S2 gupdate1c9a8c3a9513872;Služba Google Update (gupdate1c9a8c3a9513872); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-19 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-06 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe []
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-05 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-02-26 652800]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15658
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Preventive check please, thank you

#2 Post by JaRon »

Move ComboFix to the desktop (if it is not there already).

Open Notepad.

Copy the script from the following box into it:

Code:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cfcca1ed-89f3-11dc-b001-001617d43356}]

Driver::
AvgLdx86
AvgMfx86
AvgTdiX
a0icbdwh
a60smzx6


Save the resulting text file to the desktop as CFScript.txt.

After saving, grab the script with the left mouse button, drag it over the ComboFix icon, and drop it there.

Once it has run, another log should be created; post it here :)

Papec
Visitor
Posts: 8
Joined: 19 May 2010 23:16

Re: Preventive check please, thank you

#3 Post by Papec »

Here is the log:

ComboFix 10-05-19.02 - Tomik 20.05.2010 9:42.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1022.594 [GMT 2:00]
Spuštěný z: c:\documents and settings\Tomik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tomik\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Tomik\DokumentyWeR14p_cfdg.exe
c:\documents and settings\Tomik\DokumentyXlK4Yy_cfdg.exe
c:\windows\eSellerateEngine.dll
c:\windows\system32\Ijl11.dll
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AVGLDX86
-------\Legacy_AVGMFX86
-------\Legacy_AVGTDIX
-------\Legacy_DOMAINSERVICE
-------\Legacy_NPF
-------\Service_AvgLdx86
-------\Service_AvgMfx86
-------\Service_AvgTdiX
-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-20 do 2010-05-20 )))))))))))))))))))))))))))))))
.

2010-05-19 10:03 . 2010-05-19 10:03 7168 ----a-w- c:\windows\system32\drivers\utg4njgy.sys
2010-05-17 08:07 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\78516072.sys
2010-05-17 08:07 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\78516071.sys
2010-05-17 08:07 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7851607.sys
2010-05-17 08:07 . 2010-05-17 12:42 -------- d-----w- c:\program files\Virus Removal Tool
2010-05-16 12:15 . 2010-05-16 12:15 -------- d-----w- C:\MPS
2010-05-12 20:15 . 2010-05-16 12:16 -------- d-----w- c:\program files\OpenTTD
2010-04-27 17:55 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-04-27 17:54 . 2010-04-27 17:55 -------- d-----w- c:\program files\PC Connectivity Solution
2010-04-27 17:54 . 2010-02-26 11:21 8320 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2010-04-27 17:54 . 2010-02-26 11:21 137344 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2010-04-27 17:54 . 2010-02-26 11:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-04-27 17:54 . 2010-02-26 11:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-04-27 17:54 . 2010-02-26 11:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-04-27 17:54 . 2010-02-26 11:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-04-27 17:54 . 2010-02-26 11:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-04-27 17:54 . 2010-02-26 11:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-17 12:45 . 2001-10-25 12:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2010-05-17 12:45 . 2001-10-25 12:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2010-05-16 18:25 . 2009-08-08 06:58 -------- d-----w- c:\program files\Lavalys
2010-05-16 08:42 . 2007-12-12 15:30 -------- d-----w- c:\program files\Screamer Radio
2010-05-16 08:41 . 2008-07-28 23:23 -------- d-----w- c:\program files\ReadManiac
2010-05-15 13:03 . 2008-12-22 21:04 -------- d-----w- c:\program files\CCleaner
2010-05-06 08:36 . 2009-10-03 08:43 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-04-29 13:32 . 2007-10-05 13:02 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-27 21:25 . 2009-03-05 14:07 -------- d-----w- c:\program files\NSS
2010-04-27 18:03 . 2010-04-27 18:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-04-27 18:03 . 2010-04-27 18:03 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-04-27 18:02 . 2010-04-27 18:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-04-27 18:02 . 2010-04-27 18:02 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-04-27 17:53 . 2007-07-01 09:47 -------- d-----w- c:\program files\Nokia
2010-04-27 17:51 . 2008-04-23 07:22 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-17 09:04 . 2007-06-23 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-13 16:06 . 2009-11-28 10:07 -------- d-----w- c:\program files\DsNET Corp
2010-04-12 14:55 . 2010-04-12 14:54 -------- d-----w- c:\program files\Free FLV Converter
2010-04-10 13:08 . 2009-03-13 22:29 -------- d-----w- c:\program files\Native Instruments
2010-04-10 13:03 . 2010-03-28 11:01 -------- d-----w- c:\program files\Ashampoo
2010-04-10 10:41 . 2009-01-07 21:21 -------- d-----w- c:\program files\OpenOffice.org 3
2010-04-09 12:09 . 2010-04-09 12:09 30104 ----a-w- c:\windows\system32\drivers\avgfwdx.sys
2010-04-09 12:09 . 2010-04-09 12:08 50968 ----a-w- c:\windows\system32\avgfwdx.dll
2010-04-08 18:52 . 2010-04-12 14:55 311296 ----a-w- c:\windows\system32\TubeFinder.exe
2010-04-05 20:37 . 2010-04-05 20:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-05 17:01 . 2010-04-05 17:01 352 ----a-w- c:\windows\system32\drivers\kgpfr2.cfg
2010-04-05 16:56 . 2010-04-05 16:55 4144 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2010-04-05 16:47 . 2010-04-05 16:47 -------- d-----w- c:\program files\Common Files\iS3
2010-04-03 11:44 . 2010-04-01 12:48 5 ----a-w- c:\windows\system32\SySwmvtoavi.dat
2010-04-01 12:48 . 2010-04-01 12:48 -------- d-----w- c:\program files\Crystal Software
2010-04-01 12:42 . 2010-04-01 12:42 -------- d-----w- c:\program files\Witcobber
2010-03-29 22:46 . 2010-04-05 20:37 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2010-04-05 20:37 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-28 11:31 . 2008-01-20 20:49 -------- d-----w- c:\program files\VirtualDJ
2010-03-28 11:26 . 2010-01-06 19:42 -------- d-----w- c:\program files\Game-Cloner
2010-03-23 20:41 . 2009-08-19 19:30 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-23 20:18 . 2007-06-23 19:14 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-23 20:16 . 2010-03-23 20:16 -------- d-----w- c:\program files\Foxit Software
2010-03-11 12:36 . 2001-10-25 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2007-06-23 18:12 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2001-10-25 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:11 . 2001-10-25 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-26 11:32 . 2007-07-19 15:48 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-02-24 13:11 . 2001-10-25 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2007-09-17 21:12 . 2007-09-17 17:43 24 -csh--w- c:\windows\SDE4CC256.tmp
.

<pre>
c:\program files\Common Files\Real\Update_OB\realsched .exe
c:\program files\Java\jre1.6.0_03\bin\jusched .exe
c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication .exe
c:\program files\Speed Startup\speedstartup  .exe
c:\program files\Speed Startup\speedstartup .exe
c:\program files\Windows Defender\MSASCui .exe
c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro .exe
</pre>
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WEBTRAN"="" [N/A]
"OEXPRESS"="" [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SpeedStartup"="c:\program files\Speed Startup\speedstartup.exe" [N/A]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-16 19:35 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk

[HKLM\~\startupfolder\C:^Documents and Settings^Tomik^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
path=c:\documents and settings\Tomik\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flag]
[X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\36X Raid Configurer]
2007-11-19 09:01 1970176 ----a-w- c:\windows\system32\xRaidSetup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2010-01-19 17:46 64032 -c--a-w- c:\windows\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-04-03 22:29 165784 ----a-w- c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GTablet]
c:\progra~1\GENIUS~1\GTablet.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2007-03-20 12:36 36864 -c--a-w- c:\windows\RaidTool\xInsIDE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
2004-03-03 17:50 19968 -c----w- c:\windows\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\M1000Mnt]
M1000Rmv.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher]
2007-11-06 08:16 3096576 -c--a-w- c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-01-11 21:17 13666408 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-01-11 21:17 110696 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2009-03-20 12:32 1312256 -c--a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-01-19 17:46 18790432 -c--a-w- c:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2010-01-19 17:46 1833504 -c--a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2007-06-13 07:16 528384 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Styler]
c:\program files\Styler\Styler.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemKey]
2006-04-07 07:58 339968 ----a-w- c:\documents and settings\All Users\Data aplikací\SystemKey\SystemKey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIWatcher]
c:\program files\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTooltip]
c:\program files\VisualTooltip\VisualToolTip.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VoipBuster]
c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe [N/A]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
2006-03-20 12:53 327680 ----a-w- c:\program files\WinFast\WFTVFM\WFWIZ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\zBrowser Launcher]
2004-03-18 07:33 892928 ----a-w- c:\program files\Logitech\iTouch\iTouch.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\QIP Infium JadrisPack\\infium.exe"=
"d:\\Program Files\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"d:\\Program Files\\Mass Effect 2\\MassEffect2Launcher.exe"=
"d:\\Command & Conquer 3 Kane's Wrath\\RetailExe\\1.0\\cnc3ep1.dat"=
"d:\\Command & Conquer 3 Kane's Wrath\\RetailExe\\1.2\\cnc3ep1.dat"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 78501052;78501052 Boot Guard Driver;c:\windows\system32\drivers\78501052.sys [9.4.2010 23:11 37392]
R0 78516072;78516072 Boot Guard Driver;c:\windows\system32\drivers\78516072.sys [17.5.2010 10:07 37392]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.6.2007 7:08 716272]
R0 tiamobus;vcdrom Bus;c:\windows\system32\drivers\tiamobus.sys [6.1.2010 21:42 6784]
R0 tiamoport;cxlmo Miniport;c:\windows\system32\drivers\tiamominiport.sys [6.1.2010 21:42 18304]
R1 78501051;78501051;c:\windows\system32\drivers\78501051.sys [9.4.2010 23:11 128016]
R1 78516071;78516071;c:\windows\system32\drivers\78516071.sys [17.5.2010 10:07 128016]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [16.11.2009 9:06 96408]
R1 setup_9.0.0.722_09.04.2010_23-08drv;setup_9.0.0.722_09.04.2010_23-08drv;c:\windows\system32\drivers\7850105.sys [9.4.2010 23:11 315408]
R1 setup_9.0.0.722_17.05.2010_11-24drv;setup_9.0.0.722_17.05.2010_11-24drv;c:\windows\system32\drivers\7851607.sys [17.5.2010 10:07 315408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 9:04 735960]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 20:19 13592]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [9.4.2010 14:09 30104]
R3 itchfltr;iTouch Keyboard Filter;c:\windows\system32\drivers\itchfltr.sys [10.8.2007 16:58 12953]
S0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys --> c:\windows\system32\Drivers\avgrkx86.sys [?]
S2 avg9wd;AVG WatchDog;"c:\program files\AVG\AVG9\avgwdsvc.exe" --> c:\program files\AVG\AVG9\avgwdsvc.exe [?]
S2 avgfws9;AVG Firewall;"c:\program files\AVG\AVG9\avgfws9.exe" --> c:\program files\AVG\AVG9\avgfws9.exe [?]
S2 AVGIDSAgent;AVG9IDSAgent;"c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe" AVGIDSAgent --> c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [?]
S2 gupdate1c9a8c3a9513872;Služba Google Update (gupdate1c9a8c3a9513872);c:\program files\Google\Update\GoogleUpdate.exe [19.3.2009 20:51 133104]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 AEXPAM;Philips SmartManage Service;c:\windows\system32\drivers\aexpamdrv.sys [20.12.2005 10:57 27008]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25.1.2010 15:59 1691480]
S3 AsAudioDevice_351;AsAudioDevice_351;c:\windows\system32\drivers\AsAudioDevice_351.sys [3.4.2010 13:57 16640]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe --> c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [9.4.2010 14:09 30104]
S3 AVGIDSDriverxpx;AVG9IDSDriver;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [?]
S3 AVGIDSFilterxpx;AVG9IDSFilter;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [?]
S3 AVGIDSShimxpx;AVG9IDSShim;\??\c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys --> c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [?]
S3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\Drivers\M1000KNT.sys --> c:\windows\system32\Drivers\M1000KNT.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [27.4.2010 19:54 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [27.4.2010 19:54 8320]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [3.3.2009 17:35 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [3.3.2009 17:35 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [3.3.2009 17:35 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [3.3.2009 17:35 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [3.3.2009 17:35 98568]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [3.3.2009 17:25 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter;c:\windows\system32\drivers\s816mdfl.sys [3.3.2009 17:25 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver;c:\windows\system32\drivers\s816mdm.sys [3.3.2009 17:25 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s816mgmt.sys [3.3.2009 17:25 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS);c:\windows\system32\drivers\s816nd5.sys [3.3.2009 17:26 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface;c:\windows\system32\drivers\s816obex.sys [3.3.2009 17:25 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM);c:\windows\system32\drivers\s816unic.sys [3.3.2009 17:25 97704]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 utg4njgy;AVZ Kernel Driver;c:\windows\system32\drivers\utg4njgy.sys [19.5.2010 12:03 7168]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [27.8.2007 22:57 9446]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'

2010-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 18:50]

2010-05-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-19 18:50]

2010-05-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = hxxp://codecs.r8.org/
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:8080
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
FF - ProfilePath - c:\documents and settings\Tomik\Data aplikací\Mozilla\Firefox\Profiles\hxa4y507.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101808&gct=&gc=1&q=
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{42FDA9B0-4EF4-4676-871A-AAD4CE4B8A82} - (no file)
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
BHO-{FAC0D4CE-252C-4114-AD33-2B96C65628B3} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Notify-avgrsstarter - avgrsstx.dll
AddRemove-Nokia Multimedia Factory{4CFB3821-1582-4F3B-BF8D-30986923B36B} - c:\documents and settings\All Users\Data aplikací\Installations\{4CFB3821-1582-4f3b-BF8D-30986923B36B}\Nokia_Multimedia_Factory_2_0.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-20 09:50
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjr.sys >>UNKNOWN [0x87B86938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf75abf28
\Driver\ACPI -> ACPI.sys @ 0xf7329cb8
\Driver\atapi -> atapi.sys @ 0xf72beb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek RTL8169/8110 Family Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf719cbb0
PacketIndicateHandler -> NDIS.sys @ 0xf71a9a21
SendHandler -> NDIS.sys @ 0xf718787b
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-796845957-630328440-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D69CF586-F0E1-4A3F-869D-5F10DD17EFE0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ialcfjlckbpnfobbni"=hex:69,61,6f,62,6e,69,6b,65,69,64,6d,70,6a,64,6c,6a,70,6a,
00,02
"habdpjgdfmmmjine"=hex:69,61,6f,62,6e,69,6b,65,69,64,6d,70,6a,64,6c,6a,70,6a,
00,02

[HKEY_USERS\S-1-5-21-796845957-630328440-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:d0,e4,c1,51,66,10,10,ac,92,b8,59,8f,92,82,f7,74,59,ec,d0,da,a3,
cf,51,86,29,5a,a4,49,df,1b,c1,6c,a1,f4,a2,03,ea,cd,6a,7e,41,c8,86,f0,25,ff,\
"rkeysecu"=hex:79,2f,00,a0,b7,fa,4d,f2,58,96,3a,25,11,b5,45,0e

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ř•€|˙˙˙˙•€|ů•6~*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll

- - - - - - - > 'explorer.exe'(3704)
c:\progra~1\WINDOW~3\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
.
**************************************************************************
.
Celkový čas: 2010-05-20 09:55:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-20 07:55

Před spuštěním: 131 817 472
Po spuštění: 309 465 088

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

Current=10 Default=10 Failed=9 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,10,11
- - End Of File - - EAD0E49192A15D30F94A9146E2F0E35C

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a preventive check, thank you

#4 Post by JaRon »

Clean the PC with CCleaner.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Papec
Visitor
Posts: 8
Registered: 19 May 2010 23:16

Re: Requesting a preventive check, thank you

#5 Post by Papec »

Thaaanks a lot for the check :worship:

JaRon
Moderator
Posts: 15658
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a preventive check, thank you

#6 Post by JaRon »

You're welcome.