Nenastavitelne XP

[Pa3ot]

Zdravim. Potrebujem pomoc pred par dnami sa instalovali do pc niake auto aktualizacie a odvtedy neide ako ma. Windows teraz vyzera podobne ako Milenium niektore programi napr. Skype nefunguju, nedaju sa menit ziadne nastavenia vzhladu. Avast nic nenasiel, cistil som PC Ad-awarom a Spybotom SD. Myslim ze problem mohol byt v tom ze po tej aktualizacii ostalo na systemovom disku 1,5MB volneho miesta.

Tu je log:

Logfile of random's system information tool 1.07 (written by random/random)
Run by Bošanský at 2010-06-19 04:28:13
Microsoft Windows XP Professional Service Pack 3
System drive C: has 839 MB (6%) free of 14 GB
Total RAM: 511 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:28:20, on 19. 6. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Avast4\aswUpdSv.exe
C:\Program\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\Comodo Firewall\Comodo\Firewall\cmdagent.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Bošanský.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Bošanský\Local Settings\Application Data\Windows Update\svchost.exe,C:\Documents and Settings\Bo?anský.HOME-26B49DF8A9.004\Local Settings\Application Data\Windows Update\svchost.exe,C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Local Settings\Application Data\Windows Update\svchost.exe,
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programy\Orbitdownloader\orbitcth.dll (file missing)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programy\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll
O2 - BHO: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPag1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programy\Orbitdownloader\GrabPro.dll (file missing)
O3 - Toolbar: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPag1.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\Program\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programy\Comodo Firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programy\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinUpdate] C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Local Settings\Application Data\Windows Update\svchost.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\WINDOWS\system32\restore\rstrui.exe -c
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Programy\Spybot - Search & Destroy (antivirus)\SpybotSD.exe" /autocheck
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://213.160.191.162:801//activex/AMC.cab
O16 - DPF: {A4735C9C-6626-4386-9B93-2D9B79047AB8} (MediaPlugin Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Programy\Ares\chatServer.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programy\Comodo Firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9cb602040571a) (gupdate1c9cb602040571a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 11199 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1245596034.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\SpeedyPC Program Check.job
C:\WINDOWS\tasks\SpeedyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AFCAC836-695A-49CA-AAD6-61A0F92BED86}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Programy\Orbitdownloader\orbitcth.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Programy\Internet Download Manager\IDMIECC.dll [2009-05-07 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
PageRage Toolbar - C:\Program Files\PageRage\tbPag1.dll [2010-05-28 2393184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-02-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - []
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Programy\Orbitdownloader\GrabPro.dll []
{9565115d-c7d6-46d3-bd63-b67b481a4368} - PageRage Toolbar - C:\Program Files\PageRage\tbPag1.dll [2010-05-28 2393184]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\Program\Avast4\ashDisp.exe [2009-02-05 81000]
"COMODO Firewall Pro"=C:\Programy\Comodo Firewall\Comodo\Firewall\CPF.exe [2009-05-01 1115728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"QuickTime Task"=C:\Programy\QuickTime\qttask.exe [2007-06-29 286720]
"WinUpdate"=C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Local Settings\Application Data\Windows Update\svchost.exe [2009-04-01 33792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*Restore"=C:\WINDOWS\system32\restore\rstrui.exe [2008-04-14 380416]
"SpybotSnD"=C:\Programy\Spybot - Search & Destroy (antivirus)\SpybotSD.exe [2009-01-26 5365592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
"system"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Programy\Orbitdownloader\orbitnet.exe"="C:\Programy\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\3D Max 9\monitor.exe"="C:\Programy\3D Max 9\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Programy\3D Max 9\manager.exe"="C:\Programy\3D Max 9\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Programy\3D Max 9\server.exe"="C:\Programy\3D Max 9\server.exe:*:Enabled:backburner 2.3 server"
"E:\Program Games\The Settlers V\bin\settlershok.exe"="E:\Program Games\The Settlers V\bin\settlershok.exe:*:Enabled:THE SETTLERS - Heritage of Kings"
"E:\utorrent.exe"="E:\utorrent.exe:*:Enabled:µTorrent"
"F:\uTorrent\uTorrent.exe"="F:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Programy\Orbitdownloader\orbitdm.exe"="C:\Programy\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Skype\Phone\Skype.exe"="F:\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\uTorrent.exe"="F:\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.js - open - NOTEPAD.EXE %1
.reg - edit -
.reg - open -
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2010-06-19 04:16:38 ----D---- C:\Program Files\trend micro
2010-06-19 04:16:36 ----D---- C:\rsit
2010-06-19 04:12:20 ----D---- C:\VundoFix Backups
2010-06-19 04:12:20 ----A---- C:\VundoFix.txt
2010-06-19 03:01:41 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\DivX
2010-06-19 00:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-19 00:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-19 00:19:28 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-06-19 00:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-19 00:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-19 00:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-06-19 00:16:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-19 00:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-18 21:50:24 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Safer Networking
2010-06-18 21:44:57 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedyPC
2010-06-18 18:15:36 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\uTorrent
2010-06-18 14:44:54 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Lavasoft
2010-06-18 14:27:41 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\iolo
2010-06-18 02:44:09 ----A---- C:\WINDOWS\system32\tpuninst.exe
2010-06-18 02:36:11 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\TuneUp Software
2010-06-18 02:31:45 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Apple Computer
2010-06-17 20:54:02 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Hamachi
2010-06-17 17:32:49 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Microsoft
2010-06-17 02:35:21 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Mozilla
2010-06-16 23:06:35 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Macromedia
2010-06-16 23:02:03 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Adobe
2010-06-16 15:59:29 ----D---- C:\WINDOWS\Profiles
2010-06-16 14:08:18 ----D---- C:\WINDOWS\Application Data
2010-06-16 13:06:36 ----ASH---- C:\ntuser.ini
2010-06-14 17:01:49 ----D---- C:\Program Files\Ask.com
2010-06-13 07:24:20 ----A---- C:\WINDOWS\OEWABLog.txt
2010-06-13 07:23:38 ----D---- C:\Windows Update

======List of files/folders modified in the last 1 months======

2010-06-19 04:28:16 ----D---- C:\WINDOWS\Temp
2010-06-19 04:16:51 ----D---- C:\WINDOWS\Prefetch
2010-06-19 04:16:38 ----AD---- C:\Program Files
2010-06-19 04:04:33 ----D---- C:\WINDOWS\system32\config
2010-06-19 03:59:46 ----D---- C:\Program Files\Mozilla Firefox
2010-06-19 03:48:49 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-19 03:48:38 ----SD---- C:\WINDOWS\Tasks
2010-06-19 02:53:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-19 01:16:24 ----HD---- C:\Config.Msi
2010-06-19 01:16:24 ----D---- C:\WINDOWS\SxsCaPendDel
2010-06-19 01:13:39 ----D---- C:\WINDOWS\system32
2010-06-19 01:13:16 ----SHD---- C:\WINDOWS\Installer
2010-06-19 01:12:48 ----HD---- C:\WINDOWS\inf
2010-06-19 01:12:46 ----D---- C:\Program Files\Internet Explorer
2010-06-19 01:12:41 ----RSD---- C:\WINDOWS\assembly
2010-06-19 01:10:48 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-19 01:10:46 ----RSD---- C:\WINDOWS\Fonts
2010-06-19 01:10:46 ----D---- C:\WINDOWS\system32\en-US
2010-06-19 01:09:44 ----D---- C:\WINDOWS\WinSxS
2010-06-19 01:00:16 ----A---- C:\WINDOWS\wincmd.ini
2010-06-19 00:46:09 ----AD---- C:\WINDOWS
2010-06-19 00:25:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-19 00:23:54 ----A---- C:\WINDOWS\win.ini
2010-06-19 00:22:19 ----A---- C:\WINDOWS\imsins.BAK
2010-06-19 00:17:23 ----D---- C:\WINDOWS\ie8updates
2010-06-19 00:16:26 ----D---- C:\Program Files\Outlook Express
2010-06-19 00:14:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-18 23:10:04 ----D---- C:\Programy
2010-06-18 22:48:03 ----D---- C:\Program Files\Adobe
2010-06-18 22:11:32 ----D---- C:\Documents and Settings
2010-06-18 19:12:17 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-06-18 08:10:52 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-18 02:43:14 ----D---- C:\WINDOWS\system32\NtmsData
2010-06-18 02:16:34 ----D---- C:\WINDOWS\system32\wbem
2010-06-18 02:16:33 ----D---- C:\WINDOWS\Registration
2010-06-18 02:15:43 ----D---- C:\WINDOWS\system32\Restore
2010-06-17 07:58:13 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-16 17:17:57 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt
2010-06-16 17:14:58 ----D---- C:\WINDOWS\network diagnostic
2010-06-15 14:54:46 ----D---- C:\Program Files\Common Files
2010-06-15 14:54:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-14 21:13:37 ----A---- C:\WINDOWS\ODBC.INI
2010-06-12 19:31:07 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-12 14:50:07 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-07 22:27:00 ----A---- C:\WINDOWS\WINTRAN.INI
2010-06-07 22:27:00 ----A---- C:\WINDOWS\STXKBDTS.INI
2010-06-03 10:48:23 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-28 18:32:41 ----D---- C:\WINDOWS\system32\DirectX
2010-05-28 17:57:57 ----D---- C:\Program Files\PageRage
2010-05-20 22:05:09 ----A---- C:\WINDOWS\cdplayer.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-08 35840]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2009-05-01 75520]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-01-30 23976]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-23 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-23 55936]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2009-01-30 103488]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-20 25280]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 PAC207;Trust WB-1200p Mini Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S3 b57w2k;BCM5701 Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-08-17 96640]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
S3 CAM1210;HAMA WEBCAM AC-100; C:\WINDOWS\System32\Drivers\cam1210.sys [2007-03-15 93952]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-11-19 223128]
S3 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 ggsemc;Sony Ericsson USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2006-03-01 8704]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-04 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 stusb2ir;USB 2.0 IrDA Bridge; C:\WINDOWS\system32\DRIVERS\stusb2ir.sys [2004-09-07 40856]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2007-11-02 223128]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program\Avast4\ashServ.exe [2009-02-05 138680]
R2 CmdAgent;Comodo Application Agent; C:\Programy\Comodo Firewall\Comodo\Firewall\cmdagent.exe [2009-05-01 361040]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-17 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-17 103736]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 gupdate1c9cb602040571a;Služba Google Update (gupdate1c9cb602040571a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-02 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-01 72704]
S3 AresChatServer;Ares Chatroom server; C:\Programy\Ares\chatServer.exe [2007-01-30 253440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 Boonty Games;Boonty Games; C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2006-07-23 69120]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-18 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-02 306432]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Sflt_daaaaata;Sflt_daaaaata; C:\WINDOWS\system32\drivers\nv_agp.SYS [2002-09-06 13568]

-----------------EOF-----------------

[1danab]

zdravím
stáhněte a uložte nejlépe na plochu ComboFix

spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:



může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte

sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace

během skenování může být Vaše pc restartováno, proto nepropadejte panice

upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware

po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem

[Pa3ot]

Tu je:

ComboFix 10-06-18.03 - Bošanský . 06. 2010 13:42:49.2.1 - x86
Running from: c:\documents and settings\BoÜanskř.HOME-26B49DF8A9.012\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\MSVCP71.DLL
c:\program files\RelevantKnowledge\MSVCR71.DLL
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg.exe
C:\Windows Update
c:\windows\k.txt
c:\windows\system\QTIM32.DLL
c:\windows\system32\dumphive.exe
c:\windows\system32\Process.exe
c:\windows\system32\ReadMe.txt
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Legacy_SSHNAS
-------\Service_Boonty Games


((((((((((((((((((((((((( Files Created from 2010-05-19 to 2010-06-19 )))))))))))))))))))))))))))))))
.

2010-06-19 02:16 . 2010-06-19 02:28 -------- d-----w- c:\program files\trend micro
2010-06-19 02:16 . 2010-06-19 02:17 -------- d-----w- C:\rsit
2010-06-19 02:12 . 2010-06-19 02:12 -------- d-----w- C:\VundoFix Backups
2010-06-18 19:44 . 2010-06-18 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC
2010-06-18 00:44 . 2007-05-08 23:10 237552 ----a-w- c:\windows\system32\tpuninst.exe
2010-06-18 00:16 . 2010-06-18 00:16 -------- d-----w- c:\windows\system32\wbem\Repository
2010-06-16 13:59 . 2010-06-16 13:59 -------- d-----w- c:\windows\Profiles
2010-06-16 13:57 . 2010-06-19 02:04 -------- d-----w- c:\documents and settings\Bošanský.HOME-26B49DF8A9.012
2010-06-16 12:08 . 2010-06-16 12:08 -------- d-----w- c:\windows\Application Data
2010-06-16 11:09 . 2010-06-16 11:09 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-06-16 11:07 . 2010-06-16 11:19 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Orbit
2010-06-16 11:07 . 2010-06-16 11:07 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-06-16 11:07 . 2010-06-16 11:07 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Comodo
2010-06-14 15:01 . 2010-06-14 15:01 -------- d-----w- c:\program files\Ask.com
2010-06-12 18:15 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-18 17:12 . 2009-05-02 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-06-12 17:31 . 2009-11-13 15:54 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-12 12:50 . 2009-07-06 05:45 -------- d-----w- c:\program files\ICQ6Toolbar
2010-05-28 15:57 . 2009-10-16 18:43 -------- d-----w- c:\program files\PageRage
2010-05-17 21:16 . 2007-01-20 15:32 -------- d-----w- c:\program files\Google
2010-05-15 10:41 . 2010-05-15 10:41 34 ---ha-w- c:\windows\system32\VideoConverter_sysquict.dat
2010-05-14 14:43 . 2010-05-14 14:43 -------- d-----w- c:\program files\Xvid
2010-05-08 19:41 . 2009-04-13 16:25 304160 ----a-w- C:\StiImg.dat
2010-05-06 10:41 . 2004-08-03 22:56 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 17:04 . 2006-06-28 09:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-02 05:22 . 2004-08-03 21:17 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2004-08-03 22:56 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-12 17:07 . 2010-04-12 17:07 4950 ----a-w- c:\windows\system32\SpoonUninstall-Action Battlefield B1.0.dat
2010-04-12 17:07 . 2010-04-12 17:07 164352 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-04-11 20:10 . 2008-12-26 19:02 729088 ----a-w- c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
2010-05-28 15:58 2393184 ----a-w- c:\program files\PageRage\tbPag1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 12:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9565115d-c7d6-46d3-bd63-b67b481a4368}"= "c:\program files\PageRage\tbPag1.dll" [2010-05-28 2393184]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{9565115d-c7d6-46d3-bd63-b67b481a4368}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program\Avast4\ashDisp.exe" [2009-02-05 81000]
"COMODO Firewall Pro"="c:\programy\Comodo Firewall\Comodo\Firewall\CPF.exe" [2009-05-01 1115728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"QuickTime Task"="c:\programy\QuickTime\qttask.exe" [2007-06-29 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0autocheck smrgdf c:\documents and settings\Bošanský\Application Data\iolo

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"PCSuiteTrayApplication"=c:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"UnlockerAssistant"="e:\unlocker\UnlockerAssistant.exe"
"Adobe Photo Downloader"="c:\programy\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe"
"DmwClient"="e:\program games\GamePark\DMW Client 3\dmwclient.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"SMSystemAnalyzer"="c:\programy\System Mechanic 7\SMSystemAnalyzer.exe"
"Rapget"=e:\stahovace\Rapget 1.41\rapget.exe
"Sony Ericsson PC Suite"="f:\programs\Sony Ericsson PC Suite\Application Launcher\Application Launcher.exe" /startoptions
"nwiz"=nwiz.exe /install
"REGSHAVE"=c:\program files\REGSHAVE\REGSHAVE.EXE /AUTORUN
"SpyHunter Security Suite"=c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe
"QuickTime Task"="c:\programy\QuickTime\qttask.exe" -atboottime
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"WinUpdate"=c:\documents and settings\Bošanský\Local Settings\Application Data\Windows Update\svchost.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programy\\3D Max 9\\monitor.exe"=
"c:\\Programy\\3D Max 9\\manager.exe"=
"c:\\Programy\\3D Max 9\\server.exe"=
"e:\\Program Games\\The Settlers V\\bin\\settlershok.exe"=
"e:\\utorrent.exe"=
"f:\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"f:\\Skype\\Phone\\Skype.exe"=
"f:\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5000:TCP"= 5000:TCP:AresChatServer

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2007-03-24 639224]
R2 gupdate1c9cb602040571a;Služba Google Update (gupdate1c9cb602040571a);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 133104]
R3 FileObjInfo;STFileDriver;c:\documents and settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys [2007-09-09 5632]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
R3 stusb2ir;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2004-09-07 40856]
R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [2007-11-02 223128]
R3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
R3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
R3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
S0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\System32\drivers\sfsync03.sys [2005-12-06 35328]
S1 aswSP;avast! Self Protection; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-01-23 501560]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
S3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\DRIVERS\pfc027.sys [2005-02-24 162176]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-06-18 c:\windows\Tasks\1-Click Maintenance.job
- c:\programy\Tune Up\OneClick.exe [2008-01-08 11:31]

2010-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]

2009-08-22 c:\windows\Tasks\FRU Task 2002-12-03 04:38ewlett-Packard2002-12-03 04:38p psc 1200 series84887B468ABA3F57D76752217D5938688025EB21245596034.job
- f:\programs\HP Photo and Imaging\Digital Imaging\Bin\hpqfrucl.exe [2002-12-02 18:38]

2010-06-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-16 19:49]

2010-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 19:54]

2010-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 19:54]

2010-06-19 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 12:56]

2010-06-18 c:\windows\Tasks\SpeedyPC Program Check.job
- f:\programs\SpeedyPC\SpeedyPC.exe [2010-05-19 23:10]

2010-06-18 c:\windows\Tasks\SpeedyPC.job
- f:\programs\SpeedyPC\SpeedyPC.exe [2010-05-19 23:10]

2010-06-19 c:\windows\Tasks\User_Feed_Synchronization-{AFCAC836-695A-49CA-AAD6-61A0F92BED86}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} -
LSP: c:\windows\system32\idmmbc.dll
DPF: {A4735C9C-6626-4386-9B93-2D9B79047AB8} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\docume~1\BOANSK~1.012\APPLIC~1\Mozilla\Firefox\Profiles\oqhsz4iw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}\components\FFExternalAlert.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin7.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -

BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
AddRemove-Bink and Smacker - c:\programy\RADVID~1\UNWISE.EXE
AddRemove-Characterizer_is1 - c:\programy\Characterizer (text obrazok)\unins000.exe
AddRemove-Image2Ico_is1 - c:\programy\Image2Ico (ikony)\unins000.exe
AddRemove-Internet Download Manager - c:\programy\Internet Download Manager\Uninstall.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\programy\Nero (napalovačka)\nero\uninstall\UNNERO.exe
AddRemove-Orbit_is1 - c:\programy\Orbitdownloader\unins000.exe
AddRemove-Password Agent 2 - c:\programy\Password Agent (kody)\Uninstall.exe
AddRemove-PowerISO - c:\programy\PowerISO\uninstall.exe
AddRemove-Ultra Video Converter_is1 - c:\programy\Ultra Video Converter (media)\unins000.exe
AddRemove-Ultra Video Joiner_is1 - c:\programy\Ultra Video Joiner (media)\unins000.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\RelevantKnowledge\rlvknlg.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-19 13:49
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ae,65,29,ca,95,e8,da,c1,8e,ca,f6,94,7a,0c,fa,f7,2b,3f,f2,6a,4b,
ca,18,fd,9d,f8,e9,b1,04,1d,a3,e2,6e,31,7b,34,a3,56,96,37,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{d68dabd8-f8a6-4ae0-ab1c-92fd10360034}]
@Denied: (Full) (Everyone)
"Model"=dword:00000003
"Therad"=dword:0000000f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOCC06.00.00.01WSSV"="F6ABCEE9698F2E6F21813F6E4F2434C9A5238EA4099CBF096DB1423A43384A2851CC727AF324FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6171C11EC38DE3DA2D97226D213B5555D575E7D6A3B9808081F578D0092D9116F969E7919D41089F943C4DFCEA6B7629E84532EB342508DA49CB405D7B5EB1A16D9CAE527CE70ED03C0D9051395A49597553E9895579323806B76C2F33B3F1CA0057B03E2761978104DE746EF805CB0F8137471BEDD27DD34DFBA1117FBEE644419D18DBC1CBD381432B6ED9F4E46A391EE81B35AF7442F0B37F13EF8F129866AF9C44119349F7F361C5F4DD60C5A22E4FD4562066B394B860FDF1CC43DB1D7326D9D62505618E65099523637EC27242C39F201D3A1682C5AE8207F199EE0F1EBA07A38ADBD934870A15102DB424C6751FE9298C9A9480E702C1CC28800A1B49CA04D0D71CA9144DA8AF20BD0888069758F80B461B5627363A296C21BE8F2BF7FE35B2E5001A83C8412A33317590B6F6A916CE68899D6A0857B24E14B8B687B803FBDEE710AFD58975820DA24F8CB83380ED9C4A251D51FDAC72D0508B82891C16E63A6712FCF83F360FBEB61C9B16E1A7121E484F8A6BA1CFEED9635E7ED6F18920E305F626E6DAB949ED12CD5C343800E6C66F754A306B47BF784A7B20AC60FAD53E8C036BD0806C0427B53499AD38E1ABCE7BCC63AD6C5FA313FAD5ADE0F62A79B340CE3B48BFB9475DC1EF4E3BA9BACE50E035D6E4424A050BC83C06482844BA7782F4661F3BC259B6E44CE5FD1B3451003714454AD58F1E178DD6CA41E1AC8062188DD63FD2B6AEAAAF370E33A95C33672224D97339EDA49EC6209BF257DB29E1B6C4D6F2FDC426E11CC145B58356F270DA3ED7639E7A8B81F2E64699C3B022B5BA35ECD4C1EEA0526E51CC0D43AEF8808F64142E8570D3A924D73E7CF168F3757E8FBDAE2EB8960F1C58D279AFED3D11B930563B0489FAA50C44A97CC829C28896EB50540F9A60AFE6B11B35A160C4E04E19A51C1C3DA3AE78C2566E4AA4D30F05541D2F8ACAF59DDC6749E083F6C1E03C0889C8F0D1D6EEA8C64D92E6CA65B1038F35BE2A0F27FA1BCA6B55CF431345C81F766D497A71F6D280886835816076D224BCB1AA4277E62A7BEDA53E077D9D7EBB6650E0D227A8AADB9198334E8E493126664FD39632D3A537303ACE33E29453837E2FCC696FEDE664250107A55F912FD8AF7B01623B54B0124B7EB8FEC137194103FA6D9F2830D8E12804D57F0A1F9CC9D6F9A26C897B7665094DAADCBD933A479EAD2070BAF39D33B8FA82DB608E35AAC486587972527AB9BCD05390918637CD26C10C813810F58F3F9CD1287AF6977E712818CB806466E51263A61B6B65E279CDE2FCAA6C73B3519CEAF4E26"
"OODEFRAG10.00.00.01WORKSTATION"="5BA56E849827EEF073D629BD94F7E881F61268DA288720BC6B809563E816E9EEFCD848FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D67949DB7CE019D40AA5CA6A0AC4980AC793350529272BCFA9B504A462DE25684CA84F7C315BB122214FA7973AA4CAF91DF8F7CAAD817E6E42A3C5121EFB6B4C33ED4573AD65EE038CFC4315780DFE28E60E3D0BFBE48944070D44E1A5C092EF787808E6E88B2999B848B41C19442936BC57623B481F618349C341AC3D9C0A80991679D8560B85913781A6D070AAAB0F154999B2FCF35D82B10D463B3C3EAA2217BCC56258514D1ABA61C4C01F5F9423005843656CBB952525E152C05EBB52B30165ADFF9168F48B5C0234C8AE1AEE175845044DB0DDE949B53394A589477E6E96A9C34B2A29796452826AA854DF13F58B3FB6B6E9E25423E6BE866CCF5A50D443083248431BCA9B1F47C7C57298C9AB025EAA345802E92B4D8AE008CBDDE6CF95863CFA6B934821873E5A9665B6ACC1DA3E2B998244150BB7F7AE6BF0AE0E20C047430D32A56B559A2026CA03FA03D7D2A8C4FA7F0C95B56FB9F4295EF1065BC0A530FCBE2206D97B5D5D6F6A1636C77EA7857B2C1D5A74A98550C4177F4FB1375818B53B83367BB154CCADD448C6A75C8981C00E6993BA2D83711F81B3A445A04E098B1F4D474735BB201CEDD9A6022DC433A5A22E9B2ACF0C5F2F8CD31EC21A9BBFBB155EB78AB583905C3982F06F07431220DAA433BFA4B6228FC70CC3BBB8A3FD0240A86EF9C8F76B5C09210AA150F8319EAACC41B6206D5FACA5D25074103F8075CB756E4BBB8E249C7DDA7B089E0BBB6C9C5AF270071CA08265FF53D8BA1606031F8AE7AC43F5C45637E030F0A533FE883096C4B2E1351425CB620DD3AA74BF37E598A65B9C324061F7154CD98035AF0F4FE050692A55C6FB99827FB328CF72CA45A04ED5E18DF3C8AA3720E79403961012129EC1095C227122BB1C117FB86C88771DEF3B94498EABDF6D500B6106F258CDEAB255484C1593C8B0E6AD751FA5B8D077E661983BCE9CE419CEA9D29F2F8011C02EA4BC7F64713C929C5A1223CCAA3786C4B0C469C64D94C8AA7BEF99F6BCBAE498DA66AE607F3E999B8E63399D13816533CE6AFECDA81D583276FA2B1635F61BE70DEA9F701C2E2163CE000C101402687664196C9A0689191E848764D9931F4468AAB74767565A2F9DA89B5C9B832E1FB8AF708ADDE39256306A700771ABA1A66660C7311F3470846B69FB92A318A744AFE2BC2FB1020A84B26ADFA9BC4F9F9C92443FD5BE256661E03261F3EF4C880AFABBF3979034CACBD09BF5688516FAF3FF7D6A24D7C85864A09E6B247E2701A0B0FDB154F5D7431D57F08B86E45A2C83BA60FA3C24D4C25B523"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\idmmbc.dll

- - - - - - - > 'explorer.exe'(616)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\idmmbc.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-06-19 13:53:23
ComboFix-quarantined-files.txt 2010-06-19 11:53

Pre-Run: 1 606 594 560 bytes free
Post-Run: 1 588 629 504 bytes free

- - End Of File - - 9325044E2052DD41A0A883971553CDE1

[1danab]

pokud jste tak ještě neučinil, přesuňte Combofix na plochu

otevřete si Poznámkový blok

do něj zkopírujte skript z následujícího okna:

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"UserInit"="C:\\WINDOWS\\system32\\userinit.exe,"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinUpdate"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"WinUpdate"=-

uložte vámi vytvořený textový soubor jako CFScript.txt na plochu

po uložení uchopte vámi vytvořený skript levým tlačítkem myši a přesuňte jej nad ikonu Combofixu, nad níž skript upusťte:



po aplikaci by se měl zobrazit další log, vložte jej sem

Upozornění: je možné, že po aplikaci skriptu a restartu nenaběhnou Windows, v takovém případě znovu restartujte, po restartu mačkejte F8 a zvolte Poslední známou funkční konfiguraci

[Pa3ot]

ComboFix 10-06-18.03 - Bošanský . 06. 2010 14:51:50.3.1 - x86
Running from: c:\documents and settings\Bošanský.HOME-26B49DF8A9.012\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Bošanský.HOME-26B49DF8A9.012\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-05-19 to 2010-06-19 )))))))))))))))))))))))))))))))
.

2010-06-19 02:16 . 2010-06-19 02:28 -------- d-----w- c:\program files\trend micro
2010-06-19 02:16 . 2010-06-19 02:17 -------- d-----w- C:\rsit
2010-06-19 02:12 . 2010-06-19 02:12 -------- d-----w- C:\VundoFix Backups
2010-06-18 19:44 . 2010-06-18 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC
2010-06-18 00:44 . 2007-05-08 23:10 237552 ----a-w- c:\windows\system32\tpuninst.exe
2010-06-18 00:16 . 2010-06-18 00:16 -------- d-----w- c:\windows\system32\wbem\Repository
2010-06-16 13:59 . 2010-06-16 13:59 -------- d-----w- c:\windows\Profiles
2010-06-16 13:57 . 2010-06-19 02:04 -------- d-----w- c:\documents and settings\Bošanský.HOME-26B49DF8A9.012
2010-06-16 12:08 . 2010-06-16 12:08 -------- d-----w- c:\windows\Application Data
2010-06-16 11:09 . 2010-06-16 11:09 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2010-06-16 11:07 . 2010-06-16 11:19 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Orbit
2010-06-16 11:07 . 2010-06-16 11:07 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-06-16 11:07 . 2010-06-16 11:07 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Comodo
2010-06-14 15:01 . 2010-06-14 15:01 -------- d-----w- c:\program files\Ask.com
2010-06-12 18:15 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-18 17:12 . 2009-05-02 19:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-06-12 17:31 . 2009-11-13 15:54 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-12 12:50 . 2009-07-06 05:45 -------- d-----w- c:\program files\ICQ6Toolbar
2010-05-28 15:57 . 2009-10-16 18:43 -------- d-----w- c:\program files\PageRage
2010-05-17 21:16 . 2007-01-20 15:32 -------- d-----w- c:\program files\Google
2010-05-15 10:41 . 2010-05-15 10:41 34 ---ha-w- c:\windows\system32\VideoConverter_sysquict.dat
2010-05-14 14:43 . 2010-05-14 14:43 -------- d-----w- c:\program files\Xvid
2010-05-08 19:41 . 2009-04-13 16:25 304160 ----a-w- C:\StiImg.dat
2010-05-06 10:41 . 2004-08-03 22:56 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 17:04 . 2006-06-28 09:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-02 05:22 . 2004-08-03 21:17 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2004-08-03 22:56 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-12 17:07 . 2010-04-12 17:07 4950 ----a-w- c:\windows\system32\SpoonUninstall-Action Battlefield B1.0.dat
2010-04-12 17:07 . 2010-04-12 17:07 164352 ----a-w- c:\windows\system32\SpoonUninstall.exe
2010-04-11 20:10 . 2008-12-26 19:02 729088 ----a-w- c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-06-19_11.49.57 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-19 12:57 . 2010-06-19 12:57 53248 c:\windows\Temp\catchme.dll
- 2010-06-19 11:49 . 2010-06-19 11:49 53248 c:\windows\Temp\catchme.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
2010-05-28 15:58 2393184 ----a-w- c:\program files\PageRage\tbPag1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 12:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{9565115d-c7d6-46d3-bd63-b67b481a4368}"= "c:\program files\PageRage\tbPag1.dll" [2010-05-28 2393184]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{9565115d-c7d6-46d3-bd63-b67b481a4368}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program\Avast4\ashDisp.exe" [2009-02-05 81000]
"COMODO Firewall Pro"="c:\programy\Comodo Firewall\Comodo\Firewall\CPF.exe" [2009-05-01 1115728]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"QuickTime Task"="c:\programy\QuickTime\qttask.exe" [2007-06-29 286720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0autocheck smrgdf c:\documents and settings\Bošanský\Application Data\iolo

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"PCSuiteTrayApplication"=c:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
"UnlockerAssistant"="e:\unlocker\UnlockerAssistant.exe"
"Adobe Photo Downloader"="c:\programy\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe"
"DmwClient"="e:\program games\GamePark\DMW Client 3\dmwclient.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"SMSystemAnalyzer"="c:\programy\System Mechanic 7\SMSystemAnalyzer.exe"
"Rapget"=e:\stahovace\Rapget 1.41\rapget.exe
"Sony Ericsson PC Suite"="f:\programs\Sony Ericsson PC Suite\Application Launcher\Application Launcher.exe" /startoptions
"nwiz"=nwiz.exe /install
"REGSHAVE"=c:\program files\REGSHAVE\REGSHAVE.EXE /AUTORUN
"SpyHunter Security Suite"=c:\program files\Enigma Software Group\SpyHunter\SpyHunter3.exe
"QuickTime Task"="c:\programy\QuickTime\qttask.exe" -atboottime
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programy\\3D Max 9\\monitor.exe"=
"c:\\Programy\\3D Max 9\\manager.exe"=
"c:\\Programy\\3D Max 9\\server.exe"=
"e:\\Program Games\\The Settlers V\\bin\\settlershok.exe"=
"e:\\utorrent.exe"=
"f:\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"f:\\Skype\\Phone\\Skype.exe"=
"f:\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5000:TCP"= 5000:TCP:AresChatServer

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2007-03-24 639224]
R2 gupdate1c9cb602040571a;Služba Google Update (gupdate1c9cb602040571a);c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 133104]
R3 FileObjInfo;STFileDriver;c:\documents and settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys [2007-09-09 5632]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
R3 stusb2ir;USB 2.0 IrDA Bridge;c:\windows\system32\DRIVERS\stusb2ir.sys [2004-09-07 40856]
R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [2007-11-02 223128]
R3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
R3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
R3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC);c:\windows\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
S0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\System32\drivers\sfsync03.sys [2005-12-06 35328]
S1 aswSP;avast! Self Protection; [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2008-01-23 501560]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
S2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
S3 PAC207;Trust WB-1200p Mini Webcam;c:\windows\system32\DRIVERS\pfc027.sys [2005-02-24 162176]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-06-18 c:\windows\Tasks\1-Click Maintenance.job
- c:\programy\Tune Up\OneClick.exe [2008-01-08 11:31]

2010-06-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]

2009-08-22 c:\windows\Tasks\FRU Task 2002-12-03 04:38ewlett-Packard2002-12-03 04:38p psc 1200 series84887B468ABA3F57D76752217D5938688025EB21245596034.job
- f:\programs\HP Photo and Imaging\Digital Imaging\Bin\hpqfrucl.exe [2002-12-02 18:38]

2010-06-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-16 19:49]

2010-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 19:54]

2010-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-02 19:54]

2010-06-19 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 12:56]

2010-06-18 c:\windows\Tasks\SpeedyPC Program Check.job
- f:\programs\SpeedyPC\SpeedyPC.exe [2010-05-19 23:10]

2010-06-18 c:\windows\Tasks\SpeedyPC.job
- f:\programs\SpeedyPC\SpeedyPC.exe [2010-05-19 23:10]

2010-06-19 c:\windows\Tasks\User_Feed_Synchronization-{AFCAC836-695A-49CA-AAD6-61A0F92BED86}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} -
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} -
LSP: c:\windows\system32\idmmbc.dll
DPF: {A4735C9C-6626-4386-9B93-2D9B79047AB8} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - hxxp://www.joj.sk/fileadmin/joj_player/JOJ_Explorer_Player.cab
FF - ProfilePath - c:\docume~1\BOANSK~1.012\APPLIC~1\Mozilla\Firefox\Profiles\oqhsz4iw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}\components\FFExternalAlert.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: c:\programy\QuickTime\Plugins\npqtplugin7.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-19 14:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):ae,65,29,ca,95,e8,da,c1,8e,ca,f6,94,7a,0c,fa,f7,2b,3f,f2,6a,4b,
ca,18,fd,9d,f8,e9,b1,04,1d,a3,e2,6e,31,7b,34,a3,56,96,37,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{d68dabd8-f8a6-4ae0-ab1c-92fd10360034}]
@Denied: (Full) (Everyone)
"Model"=dword:00000003
"Therad"=dword:0000000f
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,49,8c,bf,1a,9d,fe,41,71,cb,3f,46,a4,7c,ab,\

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•A~*]
"AB141C35E9F4BF344B9FC010BB17F68A"=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOCC06.00.00.01WSSV"="F6ABCEE9698F2E6F21813F6E4F2434C9A5238EA4099CBF096DB1423A43384A2851CC727AF324FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6171C11EC38DE3DA2D97226D213B5555D575E7D6A3B9808081F578D0092D9116F969E7919D41089F943C4DFCEA6B7629E84532EB342508DA49CB405D7B5EB1A16D9CAE527CE70ED03C0D9051395A49597553E9895579323806B76C2F33B3F1CA0057B03E2761978104DE746EF805CB0F8137471BEDD27DD34DFBA1117FBEE644419D18DBC1CBD381432B6ED9F4E46A391EE81B35AF7442F0B37F13EF8F129866AF9C44119349F7F361C5F4DD60C5A22E4FD4562066B394B860FDF1CC43DB1D7326D9D62505618E65099523637EC27242C39F201D3A1682C5AE8207F199EE0F1EBA07A38ADBD934870A15102DB424C6751FE9298C9A9480E702C1CC28800A1B49CA04D0D71CA9144DA8AF20BD0888069758F80B461B5627363A296C21BE8F2BF7FE35B2E5001A83C8412A33317590B6F6A916CE68899D6A0857B24E14B8B687B803FBDEE710AFD58975820DA24F8CB83380ED9C4A251D51FDAC72D0508B82891C16E63A6712FCF83F360FBEB61C9B16E1A7121E484F8A6BA1CFEED9635E7ED6F18920E305F626E6DAB949ED12CD5C343800E6C66F754A306B47BF784A7B20AC60FAD53E8C036BD0806C0427B53499AD38E1ABCE7BCC63AD6C5FA313FAD5ADE0F62A79B340CE3B48BFB9475DC1EF4E3BA9BACE50E035D6E4424A050BC83C06482844BA7782F4661F3BC259B6E44CE5FD1B3451003714454AD58F1E178DD6CA41E1AC8062188DD63FD2B6AEAAAF370E33A95C33672224D97339EDA49EC6209BF257DB29E1B6C4D6F2FDC426E11CC145B58356F270DA3ED7639E7A8B81F2E64699C3B022B5BA35ECD4C1EEA0526E51CC0D43AEF8808F64142E8570D3A924D73E7CF168F3757E8FBDAE2EB8960F1C58D279AFED3D11B930563B0489FAA50C44A97CC829C28896EB50540F9A60AFE6B11B35A160C4E04E19A51C1C3DA3AE78C2566E4AA4D30F05541D2F8ACAF59DDC6749E083F6C1E03C0889C8F0D1D6EEA8C64D92E6CA65B1038F35BE2A0F27FA1BCA6B55CF431345C81F766D497A71F6D280886835816076D224BCB1AA4277E62A7BEDA53E077D9D7EBB6650E0D227A8AADB9198334E8E493126664FD39632D3A537303ACE33E29453837E2FCC696FEDE664250107A55F912FD8AF7B01623B54B0124B7EB8FEC137194103FA6D9F2830D8E12804D57F0A1F9CC9D6F9A26C897B7665094DAADCBD933A479EAD2070BAF39D33B8FA82DB608E35AAC486587972527AB9BCD05390918637CD26C10C813810F58F3F9CD1287AF6977E712818CB806466E51263A61B6B65E279CDE2FCAA6C73B3519CEAF4E26"
"OODEFRAG10.00.00.01WORKSTATION"="5BA56E849827EEF073D629BD94F7E881F61268DA288720BC6B809563E816E9EEFCD848FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D67949DB7CE019D40AA5CA6A0AC4980AC793350529272BCFA9B504A462DE25684CA84F7C315BB122214FA7973AA4CAF91DF8F7CAAD817E6E42A3C5121EFB6B4C33ED4573AD65EE038CFC4315780DFE28E60E3D0BFBE48944070D44E1A5C092EF787808E6E88B2999B848B41C19442936BC57623B481F618349C341AC3D9C0A80991679D8560B85913781A6D070AAAB0F154999B2FCF35D82B10D463B3C3EAA2217BCC56258514D1ABA61C4C01F5F9423005843656CBB952525E152C05EBB52B30165ADFF9168F48B5C0234C8AE1AEE175845044DB0DDE949B53394A589477E6E96A9C34B2A29796452826AA854DF13F58B3FB6B6E9E25423E6BE866CCF5A50D443083248431BCA9B1F47C7C57298C9AB025EAA345802E92B4D8AE008CBDDE6CF95863CFA6B934821873E5A9665B6ACC1DA3E2B998244150BB7F7AE6BF0AE0E20C047430D32A56B559A2026CA03FA03D7D2A8C4FA7F0C95B56FB9F4295EF1065BC0A530FCBE2206D97B5D5D6F6A1636C77EA7857B2C1D5A74A98550C4177F4FB1375818B53B83367BB154CCADD448C6A75C8981C00E6993BA2D83711F81B3A445A04E098B1F4D474735BB201CEDD9A6022DC433A5A22E9B2ACF0C5F2F8CD31EC21A9BBFBB155EB78AB583905C3982F06F07431220DAA433BFA4B6228FC70CC3BBB8A3FD0240A86EF9C8F76B5C09210AA150F8319EAACC41B6206D5FACA5D25074103F8075CB756E4BBB8E249C7DDA7B089E0BBB6C9C5AF270071CA08265FF53D8BA1606031F8AE7AC43F5C45637E030F0A533FE883096C4B2E1351425CB620DD3AA74BF37E598A65B9C324061F7154CD98035AF0F4FE050692A55C6FB99827FB328CF72CA45A04ED5E18DF3C8AA3720E79403961012129EC1095C227122BB1C117FB86C88771DEF3B94498EABDF6D500B6106F258CDEAB255484C1593C8B0E6AD751FA5B8D077E661983BCE9CE419CEA9D29F2F8011C02EA4BC7F64713C929C5A1223CCAA3786C4B0C469C64D94C8AA7BEF99F6BCBAE498DA66AE607F3E999B8E63399D13816533CE6AFECDA81D583276FA2B1635F61BE70DEA9F701C2E2163CE000C101402687664196C9A0689191E848764D9931F4468AAB74767565A2F9DA89B5C9B832E1FB8AF708ADDE39256306A700771ABA1A66660C7311F3470846B69FB92A318A744AFE2BC2FB1020A84B26ADFA9BC4F9F9C92443FD5BE256661E03261F3EF4C880AFABBF3979034CACBD09BF5688516FAF3FF7D6A24D7C85864A09E6B247E2701A0B0FDB154F5D7431D57F08B86E45A2C83BA60FA3C24D4C25B523"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\idmmbc.dll

- - - - - - - > 'explorer.exe'(3160)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\idmmbc.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-06-19 15:01:03
ComboFix-quarantined-files.txt 2010-06-19 13:01
ComboFix2.txt 2010-06-19 11:53

Pre-Run: 1 604 579 328 bytes free
Post-Run: 1 587 097 600 bytes free

- - End Of File - - 90B16B55F33308FE5697CDBC6016C7CC

[1danab]

poprosím vás ještě o nový log z RSITu

[Pa3ot]

Tu je

Logfile of random's system information tool 1.07 (written by random/random)
Run by Bošanský at 2010-06-19 15:56:39
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (11%) free of 14 GB
Total RAM: 511 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:56:54, on 19. 6. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Avast4\aswUpdSv.exe
C:\Program\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\Comodo Firewall\Comodo\Firewall\cmdagent.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Bošanský.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programy\Orbitdownloader\orbitcth.dll (file missing)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programy\Internet Download Manager\IDMIECC.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll
O2 - BHO: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPag1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programy\Orbitdownloader\GrabPro.dll (file missing)
O3 - Toolbar: PageRage Toolbar - {9565115d-c7d6-46d3-bd63-b67b481a4368} - C:\Program Files\PageRage\tbPag1.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast!] C:\Program\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programy\Comodo Firewall\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programy\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} - http://213.160.191.162:801//activex/AMC.cab
O16 - DPF: {A4735C9C-6626-4386-9B93-2D9B79047AB8} (MediaPlugin Control) - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O16 - DPF: {CE40C3F1-3DF5-4461-A521-810923235628} - http://www.joj.sk/fileadmin/joj_player/ ... Player.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Programy\Ares\chatServer.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Avast4\ashWebSv.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programy\Comodo Firewall\Comodo\Firewall\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9cb602040571a) (gupdate1c9cb602040571a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 10085 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1245596034.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\SpeedyPC Program Check.job
C:\WINDOWS\tasks\SpeedyPC.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AFCAC836-695A-49CA-AAD6-61A0F92BED86}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Programy\Orbitdownloader\orbitcth.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Programy\Internet Download Manager\IDMIECC.dll [2009-05-07 169392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programy\Spybot - Search & Destroy (antivirus)\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9565115d-c7d6-46d3-bd63-b67b481a4368}]
PageRage Toolbar - C:\Program Files\PageRage\tbPag1.dll [2010-05-28 2393184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-02-25 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - []
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - C:\Programy\Orbitdownloader\GrabPro.dll []
{9565115d-c7d6-46d3-bd63-b67b481a4368} - PageRage Toolbar - C:\Program Files\PageRage\tbPag1.dll [2010-05-28 2393184]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\Program\Avast4\ashDisp.exe [2009-02-05 81000]
"COMODO Firewall Pro"=C:\Programy\Comodo Firewall\Comodo\Firewall\CPF.exe [2009-05-01 1115728]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"QuickTime Task"=C:\Programy\QuickTime\qttask.exe [2007-06-29 286720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\3D Max 9\monitor.exe"="C:\Programy\3D Max 9\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Programy\3D Max 9\manager.exe"="C:\Programy\3D Max 9\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Programy\3D Max 9\server.exe"="C:\Programy\3D Max 9\server.exe:*:Enabled:backburner 2.3 server"
"E:\Program Games\The Settlers V\bin\settlershok.exe"="E:\Program Games\The Settlers V\bin\settlershok.exe:*:Enabled:THE SETTLERS - Heritage of Kings"
"E:\utorrent.exe"="E:\utorrent.exe:*:Enabled:µTorrent"
"F:\uTorrent\uTorrent.exe"="F:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Skype\Phone\Skype.exe"="F:\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\uTorrent.exe"="F:\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.reg - edit -
.reg - open -

======List of files/folders created in the last 1 months======

2010-06-19 15:01:04 ----A---- C:\ComboFix.txt
2010-06-19 13:22:16 ----A---- C:\Boot.bak
2010-06-19 13:22:12 ----RASHD---- C:\cmdcons
2010-06-19 13:10:39 ----A---- C:\WINDOWS\zip.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\SWSC.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\SWREG.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\sed.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\PEV.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\NIRCMD.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\MBR.exe
2010-06-19 13:10:39 ----A---- C:\WINDOWS\grep.exe
2010-06-19 13:09:59 ----D---- C:\WINDOWS\ERDNT
2010-06-19 13:03:31 ----D---- C:\Qoobox
2010-06-19 12:57:36 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Comodo
2010-06-19 04:16:38 ----D---- C:\Program Files\trend micro
2010-06-19 04:16:36 ----D---- C:\rsit
2010-06-19 04:12:20 ----D---- C:\VundoFix Backups
2010-06-19 04:12:20 ----A---- C:\VundoFix.txt
2010-06-19 03:01:41 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\DivX
2010-06-19 00:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-19 00:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-19 00:19:28 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-06-19 00:19:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-19 00:16:30 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-19 00:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-06-19 00:16:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-19 00:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-18 21:50:24 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Safer Networking
2010-06-18 21:44:57 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedyPC
2010-06-18 18:15:36 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\uTorrent
2010-06-18 14:44:54 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Lavasoft
2010-06-18 14:27:41 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\iolo
2010-06-18 02:44:09 ----A---- C:\WINDOWS\system32\tpuninst.exe
2010-06-18 02:36:11 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\TuneUp Software
2010-06-18 02:31:45 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Apple Computer
2010-06-17 20:54:02 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Hamachi
2010-06-17 17:32:49 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Microsoft
2010-06-17 02:35:21 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Mozilla
2010-06-16 23:06:35 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Macromedia
2010-06-16 23:02:03 ----D---- C:\Documents and Settings\Bošanský.HOME-26B49DF8A9.012\Application Data\Adobe
2010-06-16 15:59:29 ----D---- C:\WINDOWS\Profiles
2010-06-16 14:08:18 ----D---- C:\WINDOWS\Application Data
2010-06-16 13:06:36 ----ASH---- C:\ntuser.ini
2010-06-14 17:01:49 ----D---- C:\Program Files\Ask.com
2010-06-13 07:24:20 ----A---- C:\WINDOWS\OEWABLog.txt

======List of files/folders modified in the last 1 months======

2010-06-19 15:56:46 ----D---- C:\WINDOWS\Temp
2010-06-19 15:05:29 ----D---- C:\Program Files\Mozilla Firefox
2010-06-19 15:05:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-19 15:04:53 ----SD---- C:\WINDOWS\Tasks
2010-06-19 15:03:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-19 14:58:02 ----AD---- C:\WINDOWS
2010-06-19 14:58:02 ----A---- C:\WINDOWS\system.ini
2010-06-19 14:55:19 ----D---- C:\WINDOWS\system32\drivers
2010-06-19 14:55:19 ----D---- C:\WINDOWS\system32
2010-06-19 14:55:19 ----D---- C:\WINDOWS\AppPatch
2010-06-19 14:55:17 ----D---- C:\Program Files\Common Files
2010-06-19 13:30:59 ----D---- C:\WINDOWS\system32\config
2010-06-19 13:30:09 ----AD---- C:\Program Files
2010-06-19 13:30:07 ----D---- C:\WINDOWS\system
2010-06-19 13:22:16 ----RASH---- C:\boot.ini
2010-06-19 13:03:38 ----D---- C:\WINDOWS\Prefetch
2010-06-19 01:16:24 ----D---- C:\WINDOWS\SxsCaPendDel
2010-06-19 01:16:24 ----D---- C:\Config.Msi
2010-06-19 01:13:16 ----SHD---- C:\WINDOWS\Installer
2010-06-19 01:12:48 ----HD---- C:\WINDOWS\inf
2010-06-19 01:12:46 ----D---- C:\Program Files\Internet Explorer
2010-06-19 01:12:41 ----RSD---- C:\WINDOWS\assembly
2010-06-19 01:10:48 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-19 01:10:46 ----RSD---- C:\WINDOWS\Fonts
2010-06-19 01:10:46 ----D---- C:\WINDOWS\system32\en-US
2010-06-19 01:09:44 ----D---- C:\WINDOWS\WinSxS
2010-06-19 01:00:16 ----A---- C:\WINDOWS\wincmd.ini
2010-06-19 00:25:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-19 00:23:54 ----A---- C:\WINDOWS\win.ini
2010-06-19 00:22:19 ----A---- C:\WINDOWS\imsins.BAK
2010-06-19 00:17:23 ----D---- C:\WINDOWS\ie8updates
2010-06-19 00:16:26 ----D---- C:\Program Files\Outlook Express
2010-06-19 00:14:06 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-18 23:10:04 ----D---- C:\Programy
2010-06-18 22:48:03 ----D---- C:\Program Files\Adobe
2010-06-18 22:11:32 ----D---- C:\Documents and Settings
2010-06-18 19:12:17 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2010-06-18 08:10:52 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-18 02:43:14 ----D---- C:\WINDOWS\system32\NtmsData
2010-06-18 02:16:34 ----D---- C:\WINDOWS\system32\wbem
2010-06-18 02:16:33 ----D---- C:\WINDOWS\Registration
2010-06-18 02:15:43 ----D---- C:\WINDOWS\system32\Restore
2010-06-17 07:58:13 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-16 17:17:57 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem.txt
2010-06-16 17:14:58 ----D---- C:\WINDOWS\network diagnostic
2010-06-15 14:54:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-14 21:13:37 ----A---- C:\WINDOWS\ODBC.INI
2010-06-12 19:31:07 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-12 14:50:07 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-07 22:27:00 ----A---- C:\WINDOWS\WINTRAN.INI
2010-06-07 22:27:00 ----A---- C:\WINDOWS\STXKBDTS.INI
2010-06-03 10:48:23 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-28 18:32:41 ----D---- C:\WINDOWS\system32\DirectX
2010-05-28 17:57:57 ----D---- C:\Program Files\PageRage
2010-05-20 22:05:09 ----A---- C:\WINDOWS\cdplayer.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-08 35840]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 CmdMon;Comodo Application Engine; C:\WINDOWS\System32\DRIVERS\cmdmon.sys [2009-05-01 75520]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-01-30 23976]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-08-23 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-08-23 55936]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2009-01-30 103488]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-20 25280]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2002-12-05 13056]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-23 80896]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2002-12-05 241664]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 PAC207;Trust WB-1200p Mini Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S3 b57w2k;BCM5701 Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-08-17 96640]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2005-06-08 20608]
S3 CAM1210;HAMA WEBCAM AC-100; C:\WINDOWS\System32\Drivers\cam1210.sys [2007-03-15 93952]
S3 catchme;catchme; \??\C:\WINDOWS\TEMP\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-11-19 223128]
S3 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Application Data\Spyware Terminator\FileObjInfo.sys []
S3 ggsemc;Sony Ericsson USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2006-03-01 8704]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-04 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2008-02-01 138112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s125mgmt.sys [2007-04-24 100488]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s125obex.sys [2007-04-24 98696]
S3 s716bus;Sony Ericsson Device 716 driver (WDM); C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 108552]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 100360]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS); C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 23176]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 98568]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM); C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 98952]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 stusb2ir;USB 2.0 IrDA Bridge; C:\WINDOWS\system32\DRIVERS\stusb2ir.sys [2004-09-07 40856]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys [2007-11-02 223128]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 ZD1211BU(SMC);802.11g Wireless USB2.0 Adapter Driver(SMC); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-08-24 477696]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2004-10-25 17664]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program\Avast4\ashServ.exe [2009-02-05 138680]
R2 CmdAgent;Comodo Application Agent; C:\Programy\Comodo Firewall\Comodo\Firewall\cmdagent.exe [2009-05-01 361040]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-03-31 578408]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;SAP Agent; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-17 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-17 103736]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program\Avast4\ashWebSv.exe [2009-02-05 352920]
S2 gupdate1c9cb602040571a;Služba Google Update (gupdate1c9cb602040571a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-02 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-02 183280]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-01 72704]
S3 AresChatServer;Ares Chatroom server; C:\Programy\Ares\chatServer.exe [2007-01-30 253440]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-18 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-05-02 306432]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Sflt_daaaaata;Sflt_daaaaata; C:\WINDOWS\system32\drivers\nv_agp.SYS [2002-09-06 13568]

-----------------EOF-----------------

[1danab]

problémy s pc stále přetrvávají?

[Pa3ot]

Stale je to to iste. Podla mna sa stalo nieco pri tom update, koli tomu ze bolo malo miesta na C. Ale neviem najst co to moze byt.

[1danab]

zkuste obnovu systému k datu, kdy systém fungoval korektně

[Pa3ot]

Nemam urobene ziadne zachytne body koli nedostatku miesta. Vyzera to tak ze budem musiet preinstalovat cely windows. Predpokladam ze virus tam nebude takze by to potom malo byt v poriadku. Dakujem za pomoc...ak by vas este napadlo nejake riesenie dajte vediet

[1danab]

máte opravdu málo místa na disku, řekla bych, že máte nějaké starší pc...no, napadla mě ještě oprava xp managerem, ale vidím to spíš na ten reinstal
tady je návod na xp managera, kdybyste se to rozhodl zkusit http://www.viry.cz/forum/viewtopic.php?f=46&t=17549