
Virus-infected computer

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

#1 Post by horus921 »

Hello,
could you please check my RSIT log? All last week I tried to disinfect the computer with the usual antivirus programs, but I'm not sure whether it worked.
Thank you very much!

Logfile of random's system information tool 1.08 (written by random/random)
Run by Honza at 2010-07-28 15:50:56
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (40%) free of 104 GB
Total RAM: 1023 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:51:09, on 28.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\csrss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWASER.EXE
C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAgent.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\windows\system32\svchost.exe
D:\programy\Spyware Terminator\sp_rsser.exe
D:\programy\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\windows\System32\alg.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
D:\programy\Internet Download Manager\IDMan.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
D:\programy\Orb\bin\OrbTray.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\programy\Internet Download Manager\IEMonitor.exe
D:\programy\Orb\bin\Orb.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2010\OneClickStarter.exe
C:\Documents and Settings\Honza\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\programy\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "D:\programy\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IObit Security 360] "C:\Program Files\IObit\IObit Security 360\IS360tray.exe" /autostart
O4 - HKLM\..\Run: [SpywareTerminator] "D:\programy\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [combofix] C:\ComboFix\CF15963.cfxxe /c C:\ComboFix\Combobatch.bat
O4 - HKCU\..\Run: [IDMan] D:\programy\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [Orb] "D:\programy\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [uTorrent] "D:\programy\stahování\upTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2000478354-879983540-839522115-1003\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'Romana')
O4 - HKUS\S-1-5-21-2000478354-879983540-839522115-1003\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (User 'Romana')
O4 - HKUS\S-1-5-21-2000478354-879983540-839522115-1003\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup (User 'Romana')
O4 - HKUS\S-1-5-21-2000478354-879983540-839522115-1003\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m (User 'Romana')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - D:\programy\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - D:\programy\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - D:\programy\Internet Download Manager\IEGetAll.htm
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\programy\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\programy\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\windows\system32\shdocvw.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\programy\OFFICE~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\programy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\programy\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5431665828
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\programy\OFFICE2007\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\windows\System32\appdrvrem01.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
O23 - Service: Služba Google Update (gupdate1ca5b0cba469fea) (gupdate1ca5b0cba469fea) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: MWAgent - MicroWorld Technologies Inc. - C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWASER.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\programy\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\programy\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 13657 bytes

======Scheduled tasks folder======

C:\windows\tasks\Ad-Aware Update (Daily 1).job
C:\windows\tasks\Ad-Aware Update (Daily 2).job
C:\windows\tasks\Ad-Aware Update (Daily 3).job
C:\windows\tasks\Ad-Aware Update (Daily 4).job
C:\windows\tasks\Ad-Aware Update (Weekly).job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\Automatic troubleshooting.job
C:\windows\tasks\AWC AutoSweep.job
C:\windows\tasks\AWC Update.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - D:\programy\Internet Download Manager\IDMIECC.dll [2009-09-09 173488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-07-23 1241448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2009-04-02 333192]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-07-23 1241448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2009-10-02 90112]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2008-11-20 178688]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"QuickTime Task"=D:\programy\QuickTime\qttask.exe [2010-03-17 421888]
"IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2010-06-11 1280344]
"SpywareTerminator"=D:\programy\Spyware Terminator\SpywareTerminatorShield.exe [2010-07-27 2166784]
"combofix"=C:\ComboFix\CF15963.cfxxe /c C:\ComboFix\Combobatch.bat []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=D:\programy\Internet Download Manager\IDMan.exe [2009-10-17 3118512]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-02 198864]
"Orb"=D:\programy\Orb\bin\OrbTray.exe [2009-03-17 510416]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2009-03-11 2912256]
"uTorrent"=D:\programy\stahování\upTorrent\uTorrent.exe [2010-07-24 327472]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-07-02 2347216]
"SpybotSD TeaTimer"=D:\programy\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"SpywareTerminatorUpdate"=D:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-07-27 3037696]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\windows\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{32CD708B-60A7-4C00-9377-D73EAA495F0F}"= []
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\programy\OFFICE2007\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gozer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\InterVideo\DVD6\WinDVD.exe"="C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe"="C:\Program Files\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe:*:Enabled:ENABLE"
"C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe"="C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe:*:Enabled:ENABLE"
"I:\autorun.exe"="I:\autorun.exe:*:Enabled:ENABLE"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\wiaacmgr.exe"="C:\WINDOWS\system32\wiaacmgr.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\drwtsn32.exe"="C:\WINDOWS\system32\drwtsn32.exe:*:Enabled:ENABLE"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\wuauclt.exe"="C:\WINDOWS\system32\wuauclt.exe:*:Enabled:ENABLE"
"C:\Documents and Settings\Honza\Local Settings\Temp\~e5.0001"="C:\Documents and Settings\Honza\Local Settings\Temp\~e5.0001:*:Enabled:ENABLE"
"C:\WINDOWS\system32\netsh.exe"="C:\WINDOWS\system32\netsh.exe:*:Enabled:ENABLE"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ENABLE"
"C:\WINDOWS\system32\wscntfy.exe"="C:\WINDOWS\system32\wscntfy.exe:*:Enabled:ENABLE"
"D:\HRY\Counter-Strike Source\hl2.exe"="D:\HRY\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\CSP2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\CSP2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"D:\programy\stahování\upTorrent\uTorrent.exe"="D:\programy\stahování\upTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"D:\programy\Orb\bin\Orb.exe"="D:\programy\Orb\bin\Orb.exe:*:Enabled:Orb"
"D:\programy\Orb\bin\OrbTray.exe"="D:\programy\Orb\bin\OrbTray.exe:*:Enabled:OrbTray"
"D:\programy\Orb\bin\OrbStreamerClient.exe"="D:\programy\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"D:\programy\Orb\bin\OrbChannelScan.exe"="D:\programy\Orb\bin\OrbChannelScan.exe:*:Enabled:OrbChannelScan"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\programy\OFFICE2007\Office12\OUTLOOK.EXE"="D:\programy\OFFICE2007\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\programy\OFFICE2007\Office12\GROOVE.EXE"="D:\programy\OFFICE2007\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\programy\OFFICE2007\Office12\ONENOTE.EXE"="D:\programy\OFFICE2007\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE"="C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWAGENT.EXE:*:Enabled:MicroWorld Management Agent"

======List of files/folders created in the last 1 months======

2010-07-28 15:50:56 ----D---- C:\rsit
2010-07-28 15:50:56 ----D---- C:\Program Files\trend micro
2010-07-28 14:07:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-07-28 13:34:38 ----A---- C:\Zástupce - ComboFix.exe.lnk
2010-07-28 13:00:00 ----A---- C:\windows\zip.exe
2010-07-28 13:00:00 ----A---- C:\windows\SWXCACLS.exe
2010-07-28 13:00:00 ----A---- C:\windows\SWSC.exe
2010-07-28 13:00:00 ----A---- C:\windows\SWREG.exe
2010-07-28 13:00:00 ----A---- C:\windows\sed.exe
2010-07-28 13:00:00 ----A---- C:\windows\PEV.exe
2010-07-28 13:00:00 ----A---- C:\windows\NIRCMD.exe
2010-07-28 13:00:00 ----A---- C:\windows\MBR.exe
2010-07-28 13:00:00 ----A---- C:\windows\grep.exe
2010-07-28 11:32:22 ----D---- C:\Program Files\Crawler
2010-07-28 11:29:17 ----D---- C:\Program Files\WinClamAVShield
2010-07-27 17:51:20 ----A---- C:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-27 17:51:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-07-27 17:51:17 ----D---- C:\Documents and Settings\Honza\Data aplikací\Spyware Terminator
2010-07-27 17:04:39 ----A---- C:\windows\system32\lsdelete.exe
2010-07-27 15:03:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microworld
2010-07-27 14:55:36 ----A---- C:\windows\system32\drivers\Lbd.sys
2010-07-27 14:53:03 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-07-27 14:52:37 ----D---- C:\Program Files\Lavasoft
2010-07-27 14:52:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-07-27 10:57:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-07-27 10:19:25 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-07-27 00:11:28 ----D---- C:\windows\ERDNT
2010-07-26 23:47:44 ----D---- C:\Qoobox
2010-07-26 23:25:11 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2010-07-26 23:25:10 ----D---- C:\Program Files\SDHelper (Spybot - Search & Destroy)
2010-07-26 23:25:10 ----D---- C:\Program Files\Misc. Support Library (Spybot - Search & Destroy)
2010-07-26 23:25:10 ----D---- C:\Program Files\File Scanner Library (Spybot - Search & Destroy)
2010-07-26 23:23:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-07-26 23:03:39 ----D---- C:\Program Files\Ultimate Process Manager
2010-07-24 08:24:51 ----A---- C:\windows\system32\drivers\pavboot.sys
2010-07-24 08:23:51 ----D---- C:\Program Files\Panda Security
2010-07-23 15:53:41 ----D---- C:\windows\BDOSCAN8
2010-07-23 15:49:55 ----D---- C:\Documents and Settings\Honza\Data aplikací\QuickScan
2010-07-23 15:48:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-07-23 15:48:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-07-23 15:48:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\OrbNetworks
2010-07-23 12:41:42 ----D---- C:\Program Files\ESET
2010-07-22 22:12:56 ----N---- C:\windows\system32\MpSigStub.exe
2010-07-22 20:09:10 ----D---- C:\Program Files\AVG
2010-07-22 09:24:16 ----D---- C:\Documents and Settings\Honza\Data aplikací\ESET
2010-07-22 00:54:38 ----D---- C:\FBackup
2010-07-22 00:54:27 ----AD---- C:\windows\VDLL.DLL
2010-07-22 00:54:27 ----AD---- C:\windows\system32\runouce.exe
2010-07-22 00:54:27 ----AD---- C:\windows\system32\regsvr.exe
2010-07-22 00:54:27 ----AD---- C:\windows\RUNDL132.EXE
2010-07-22 00:54:27 ----AD---- C:\windows\logo_1.exe
2010-07-22 00:49:06 ----A---- C:\windows\system32\msvcr80.dll
2010-07-22 00:49:05 ----A---- C:\windows\system32\msvcp80.dll
2010-07-22 00:48:57 ----N---- C:\windows\system32\drivers\bdfsfltr.sys
2010-07-22 00:48:20 ----A---- C:\windows\system32\T.COM
2010-07-22 00:48:20 ----A---- C:\windows\R.COM
2010-07-22 00:48:11 ----A---- C:\windows\killproc.exe
2010-07-22 00:47:57 ----A---- C:\windows\system32\mwnsp.dll
2010-07-22 00:47:57 ----A---- C:\windows\system32\contfilt.dll
2010-07-22 00:47:57 ----A---- C:\windows\system32\BACKUP.93359438.contfilt.dll
2010-07-22 00:47:57 ----A---- C:\windows\system32\BACKUP.12235621.mwnsp.dll
2010-07-22 00:47:56 ----A---- C:\windows\system32\ZIPDLL.DLL
2010-07-22 00:47:56 ----A---- C:\windows\system32\UNZDLL.DLL
2010-07-22 00:47:56 ----A---- C:\windows\system32\sporder.dll
2010-07-22 00:47:56 ----A---- C:\windows\system32\mwtsp.dll
2010-07-22 00:47:56 ----A---- C:\windows\system32\BACKUP.16738740.mwtsp.dll
2010-07-22 00:47:56 ----A---- C:\windows\sporder.exe
2010-07-22 00:47:56 ----A---- C:\windows\sporder.dll
2010-07-22 00:47:56 ----A---- C:\windows\inst_tspx.exe
2010-07-22 00:47:56 ----A---- C:\windows\inst_tsp.exe
2010-07-22 00:47:55 ----D---- C:\Program Files\eScan
2010-07-22 00:47:55 ----D---- C:\Program Files\Common Files\MicroWorld
2010-07-21 18:44:09 ----D---- C:\Documents and Settings\Honza\Data aplikací\f-secure
2010-07-21 14:39:07 ----D---- C:\Program Files\F-Secure
2010-07-21 13:13:44 ----D---- C:\windows\system32\NtmsData
2010-07-21 00:57:36 ----A---- C:\windows\system32\drivers\GRD.sys
2010-07-21 00:47:59 ----A---- C:\windows\system32\drivers\GDNdisIc.sys
2010-07-20 23:45:19 ----A---- C:\windows\system32\drivers\GDTdiIcpt.sys
2010-07-20 23:44:56 ----A---- C:\windows\system32\drivers\MiniIcpt.sys
2010-07-20 23:44:56 ----A---- C:\windows\system32\drivers\GDBehave.sys
2010-07-20 23:44:02 ----D---- C:\Program Files\G Data
2010-07-20 23:44:02 ----D---- C:\Program Files\Common Files\G Data
2010-07-20 13:11:46 ----D---- C:\Program Files\Alwil Software
2010-07-18 02:28:17 ----A---- C:\windows\system32\phversion.txt
2010-07-17 13:56:46 ----A---- C:\windows\system32\drivers\bdhv.sys.upd
2010-07-17 13:56:46 ----A---- C:\windows\system32\drivers\bdfm.sys.upd
2010-07-17 13:56:44 ----A---- C:\windows\system32\drivers\bdfsfltr.sys.upd
2010-07-17 13:56:27 ----A---- C:\windows\system32\drivers\bdfndisf.sys.upd
2010-07-17 12:59:32 ----D---- C:\Program Files\BitDefender
2010-07-17 12:58:02 ----D---- C:\Program Files\Common Files\BitDefender
2010-07-14 08:23:56 ----HDC---- C:\windows\$NtUninstallKB2229593$
2010-07-13 13:40:50 ----D---- C:\Program Files\TrustPort
2010-07-13 13:40:50 ----D---- C:\Program Files\Common Files\TrustPort
2010-07-06 17:08:58 ----A---- C:\windows\system32\TURegOpt.exe
2010-07-06 17:08:57 ----A---- C:\windows\system32\uxtuneup.dll
2010-07-06 16:50:05 ----D---- C:\windows\fonts\AdvUninstal
2010-07-06 16:50:02 ----D---- C:\Program Files\Common Files\Innovative Solutions
2010-07-06 00:15:03 ----D---- C:\Program Files\DrWeb

======List of files/folders modified in the last 1 months======

2010-07-28 15:50:56 ----D---- C:\Program Files
2010-07-28 15:50:49 ----D---- C:\windows\Prefetch
2010-07-28 15:41:53 ----D---- C:\windows\system32
2010-07-28 15:05:43 ----D---- C:\windows\system32\drivers
2010-07-28 14:50:27 ----D---- C:\windows\system32\CatRoot2
2010-07-28 14:46:26 ----D---- C:\Documents and Settings\Honza\Data aplikací\uTorrent
2010-07-28 14:46:00 ----D---- C:\windows\Temp
2010-07-28 14:46:00 ----D---- C:\Documents and Settings\Honza\Data aplikací\DMCache
2010-07-28 14:45:52 ----A---- C:\windows\SchedLgU.Txt
2010-07-28 13:47:14 ----SD---- C:\windows\Tasks
2010-07-28 13:39:17 ----D---- C:\windows\AppPatch
2010-07-28 13:39:17 ----D---- C:\WINDOWS
2010-07-28 13:39:15 ----D---- C:\Program Files\Common Files
2010-07-28 13:10:52 ----D---- C:\windows\system32\1029
2010-07-28 13:07:45 ----D---- C:\windows\system32\config
2010-07-28 13:07:29 ----D---- C:\windows\system32\drivers\etc
2010-07-28 13:07:06 ----RSHDC---- C:\windows\system32\dllcache
2010-07-28 11:58:25 ----D---- C:\windows\Debug
2010-07-27 14:55:48 ----HD---- C:\windows\inf
2010-07-27 14:55:36 ----DC---- C:\windows\system32\DRVSTORE
2010-07-27 14:53:03 ----SHD---- C:\windows\Installer
2010-07-27 00:05:51 ----D---- C:\Documents and Settings\Honza\Data aplikací\IDM
2010-07-26 23:24:33 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-07-24 08:29:53 ----SD---- C:\windows\Downloaded Program Files
2010-07-23 12:14:15 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-07-22 20:09:01 ----D---- C:\windows\WinSxS
2010-07-22 18:45:24 ----SHD---- C:\System Volume Information
2010-07-22 09:10:17 ----A---- C:\windows\win.ini
2010-07-22 09:10:16 ----A---- C:\windows\system.ini
2010-07-22 00:53:51 ----A---- C:\windows\system32\unrar.dll
2010-07-22 00:48:20 ----D---- C:\Documents and Settings
2010-07-21 13:13:44 ----D---- C:\windows\repair
2010-07-21 13:13:41 ----D---- C:\windows\Registration
2010-07-21 00:46:53 ----D---- C:\windows\system32\CatRoot
2010-07-19 02:19:34 ----SD---- C:\Documents and Settings\Honza\Data aplikací\Microsoft
2010-07-16 00:52:08 ----D---- C:\Program Files\The KMPlayer
2010-07-15 15:10:53 ----D---- C:\Documents and Settings\Honza\Data aplikací\ICQ
2010-07-14 08:23:42 ----HD---- C:\windows\$hf_mig$
2010-07-10 20:12:01 ----D---- C:\Program Files\IObit
2010-07-10 20:01:52 ----D---- C:\windows\system32\MsDtc
2010-07-10 20:01:52 ----D---- C:\windows\Logs
2010-07-10 20:01:52 ----D---- C:\Program Files\Torrent Master
2010-07-10 20:01:52 ----D---- C:\Program Files\Syncrosoft
2010-07-10 20:01:52 ----D---- C:\Program Files\Mozilla Firefox
2010-07-10 20:01:52 ----D---- C:\Documents and Settings\Honza\Data aplikací\Nero
2010-07-10 20:01:52 ----D---- C:\Documents and Settings\Honza\Data aplikací\HpUpdate
2010-07-10 20:01:51 ----D---- C:\windows\twain_32
2010-07-10 20:01:51 ----D---- C:\Program Files\Windows Media Player
2010-07-10 19:20:36 ----A---- C:\windows\wincmd.ini
2010-07-09 23:20:46 ----A---- C:\windows\NeroDigital.ini
2010-07-06 17:08:53 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-07-06 16:50:05 ----RSD---- C:\windows\Fonts
2010-07-03 22:32:48 ----A---- C:\windows\AviSplitter.INI
2010-07-02 21:39:05 ----A---- C:\windows\system32\MRT.exe
2010-06-29 14:21:11 ----HDC---- C:\windows\$NtUninstallKB939683$
2010-06-29 14:21:11 ----HDC---- C:\windows\$NtUninstallKB923561$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB960859$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB960803$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB958869$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB956844$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB954600$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB954155_WM9$
2010-06-29 14:21:10 ----HDC---- C:\windows\$NtUninstallKB954154_WM11$
2010-06-29 14:21:09 ----HDC---- C:\windows\$NtUninstallKB971468$
2010-06-29 14:21:09 ----HDC---- C:\windows\$NtUninstallKB969947$
2010-06-29 14:21:09 ----HDC---- C:\windows\$NtUninstallKB968816_WM9$
2010-06-29 14:21:08 ----HDC---- C:\windows\$NtUninstallKB973540_WM9$
2010-06-29 14:21:08 ----HDC---- C:\windows\$NtUninstallKB971961$
2010-06-29 14:21:08 ----HDC---- C:\windows\$NtUninstallKB971737$
2010-06-29 14:21:08 ----HDC---- C:\windows\$NtUninstallKB971657$
2010-06-29 14:21:07 ----HDC---- C:\windows\$NtUninstallKB974112$
2010-06-29 14:21:06 ----HDC---- C:\windows\$NtUninstallKB979559$
2010-06-29 14:21:06 ----HDC---- C:\windows\$NtUninstallKB978695_WM9$
2010-06-29 14:21:06 ----HDC---- C:\windows\$NtUninstallKB978601$
2010-06-29 14:21:05 ----HDC---- C:\windows\$NtUninstallMSCompPackV1$
2010-06-29 14:21:05 ----HDC---- C:\windows\$NtUninstallKB981349$
2010-06-29 14:21:04 ----HDC---- C:\windows\$NtUninstallXPSEPSCLP$
2010-06-29 14:21:04 ----HDC---- C:\windows\$NtUninstallWudf01000$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 CSCrySec;InfoWatch Encrypt Sector Library driver; C:\windows\system32\DRIVERS\CSCrySec.sys [2009-12-14 88632]
R0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys [2009-12-02 64288]
R0 pavboot;pavboot; C:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\windows\System32\drivers\prohlp02.sys [2003-09-06 62656]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\windows\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-09-25 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\windows\System32\drivers\sfhlp01.sys [2003-09-06 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\windows\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x); C:\windows\System32\drivers\sfsync03.sys [2005-12-06 35328]
R1 appdrv01;Application Driver (01); C:\windows\System32\Drivers\appdrv01.sys [2010-05-03 2911848]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\D:\programy\UltraISO\drivers\ISODrive.sys []
R1 kl1;Kl1; \??\C:\windows\system32\drivers\kl1.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2003-09-06 51744]
R1 SCDEmu;SCDEmu; C:\windows\system32\drivers\SCDEmu.sys [2009-11-09 59388]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\windows\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2010-05-01 4122368]
R3 CLEDX;Team H2O CLEDX service; C:\windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 ElbyCDFL;ElbyCDFL; C:\windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 esihdrv;esihdrv; \??\C:\DOCUME~1\Honza\LOCALS~1\Temp\esihdrv.sys []
R3 hidusb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\windows\system32\DRIVERS\HPZid412.sys [2009-08-26 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\windows\system32\DRIVERS\HPZipr12.sys [2009-08-26 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\windows\system32\DRIVERS\HPZius12.sys [2009-08-26 21568]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2010-03-27 47360]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-05-23 189784]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtnicxp.sys [2006-10-13 81664]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 ULCDRHlp;ULCDRHlp; C:\windows\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WFLR6654;WinFast DTV1800 H (XC3028); C:\windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
S3 bdfsfltr;bdfsfltr; C:\windows\system32\DRIVERS\bdfsfltr.sys [2009-05-08 270472]
S3 catchme;catchme; \??\C:\DOCUME~1\Honza\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 econceal;MicroWorld Technologies Network Service; C:\windows\system32\DRIVERS\econceal.sys []
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 MPE;Filtr MPE BDA; C:\windows\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě; C:\windows\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2008-12-23 50704]
S3 NTACCESS;NTACCESS; \??\I:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\I:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 vaxscsi;vaxscsi; C:\windows\System32\Drivers\vaxscsi.sys [2009-10-16 223128]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-11-07 691696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-11-19 109056]
R2 CSObjectsSrv;CryptoStorage control service; C:\Program Files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-27 1181328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2006-10-26 335872]
R2 MWAgent;MWAgent; C:\PROGRA~1\COMMON~1\MICROW~1\Agent\MWASER.EXE [2009-07-31 422408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2010-04-03 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-02-21 73728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-02 75064]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\programy\Spyware Terminator\sp_rsser.exe [2010-07-27 488960]
R2 StarWindService;StarWind iSCSI Service; D:\programy\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UxTuneUp;TuneUp Theme Extension; C:\windows\System32\svchost.exe [2008-04-14 14336]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\windows\System32\appdrvrem01.exe [2010-05-03 304528]
S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-04-02 234888]
S2 gupdate1ca5b0cba469fea;Služba Google Update (gupdate1ca5b0cba469fea); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-01 133104]
S2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2010-06-11 312152]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\programy\OFFICE2007\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2008-12-23 117264]
S3 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-06 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WSearch;Windows Search; C:\windows\system32\SearchIndexer.exe [2008-05-26 439808]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119356
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#2 Post by Rudy »

Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

Feel free to put the kettle on for a coffee (the whole run takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

horus921
Visitor
Posts: 14
Joined: 28 Jul 2010 14:45

Re: infected computer

#3 Post by horus921 »

I am attaching the log. I would also like to ask for your advice on what to do: switching users does not work, the Recovery Console cannot be downloaded, and restarting or shutting down the PC takes a long time.
Thank you very much for your help.

ComboFix 10-07-27.04 - Honza 28.07.2010 17:09:14.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.505 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honza\Plocha\ComboFix.exe
AV: Norton 360 *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Doctor Web Firewall *enabled* {3454C8F1-ECBC-4181-A7F4-04632FBA762B}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ATI64SI


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-28 )))))))))))))))))))))))))))))))
.

2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- C:\rsit
2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- c:\program files\trend micro
2010-07-28 09:32 . 2010-07-28 12:58 -------- d-----w- c:\program files\Crawler
2010-07-28 09:29 . 2010-07-28 09:30 -------- d-----w- c:\program files\WinClamAVShield
2010-07-27 15:51 . 2010-07-27 15:51 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-27 15:04 . 2010-07-27 12:55 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-27 13:03 . 2010-07-28 15:01 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-07-27 13:03 . 2010-07-28 15:01 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-07-27 12:55 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-27 12:52 . 2010-07-27 12:52 -------- d-----w- c:\program files\Lavasoft
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-07-26 21:03 . 2010-07-26 21:16 -------- d-----w- c:\program files\Ultimate Process Manager
2010-07-24 06:24 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-07-24 06:23 . 2010-07-24 06:23 -------- d-----w- c:\program files\Panda Security
2010-07-23 13:53 . 2010-07-23 19:32 -------- d-----w- c:\windows\BDOSCAN8
2010-07-23 10:41 . 2010-07-23 10:41 -------- d-----w- c:\program files\ESET
2010-07-22 20:12 . 2010-06-01 17:37 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-07-22 18:09 . 2010-07-22 18:09 -------- d-----w- c:\program files\AVG
2010-07-21 22:54 . 2010-07-22 07:08 -------- d-----w- C:\FBackup
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\VDLL.DLL
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\runouce.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\regsvr.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\logo_1.exe
2010-07-21 22:49 . 2010-07-21 22:49 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-07-21 22:49 . 2010-07-21 22:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-07-21 22:47 . 2010-07-21 22:54 1161736 ----a-w- c:\windows\system32\contfilt.dll
2010-07-21 12:39 . 2010-07-21 18:51 -------- d-----w- c:\program files\F-Secure
2010-07-21 11:13 . 2010-07-21 11:57 -------- d-----w- c:\windows\system32\NtmsData
2010-07-20 22:57 . 2010-07-20 22:57 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-07-20 22:47 . 2010-07-20 22:47 22528 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2010-07-20 21:45 . 2010-07-20 21:45 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 61512 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 33480 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\G Data
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\Common Files\G Data
2010-07-20 11:11 . 2010-07-20 11:11 -------- d-----w- c:\program files\Alwil Software
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\wsbl.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_white.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_summ.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_black.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords2.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords.dat
2010-07-17 11:21 . 2010-07-19 19:51 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-07-17 10:59 . 2010-07-19 19:53 -------- d-----w- c:\program files\BitDefender
2010-07-17 10:58 . 2010-07-19 19:53 -------- d-----w- c:\program files\Common Files\BitDefender
2010-07-14 05:31 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 11:40 . 2010-07-17 10:43 -------- d-----w- c:\program files\Common Files\TrustPort
2010-07-13 11:40 . 2010-07-13 11:40 -------- d-----w- c:\program files\TrustPort
2010-07-06 16:41 . 2010-07-06 16:41 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-07-06 15:08 . 2009-10-30 13:08 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 15:08 . 2009-10-30 13:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\program files\Common Files\Innovative Solutions
2010-07-05 22:15 . 2010-07-06 11:19 -------- d-----w- c:\program files\DrWeb
2010-06-29 22:57 . 2010-07-10 18:01 -------- d-----w- c:\documents and settings\Honza\DoctorWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-26 21:24 . 2008-09-24 19:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-23 10:14 . 2001-10-25 14:00 93040 ----a-w- c:\windows\system32\perfc005.dat
2010-07-23 10:14 . 2001-10-25 14:00 463744 ----a-w- c:\windows\system32\perfh005.dat
2010-07-22 07:10 . 2010-07-21 22:47 -------- d-----w- c:\program files\eScan
2010-07-21 22:54 . 2010-07-21 22:47 178696 ----a-w- c:\windows\system32\mwnsp.dll
2010-07-21 22:54 . 2010-07-21 22:47 539144 ----a-w- c:\windows\system32\mwtsp.dll
2010-07-21 22:53 . 2008-09-24 18:59 172040 ----a-w- c:\windows\system32\unrar.dll
2010-07-21 22:48 . 2010-07-21 22:47 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-07-20 11:12 . 2010-07-10 18:03 526181 ----a-w- c:\windows\system32\drivers\LightLogger.log
2010-07-17 11:56 . 2010-07-17 11:56 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 111312 ----a-w- c:\windows\system32\drivers\bdfndisf.sys.upd
2010-07-15 22:52 . 2009-09-06 07:51 -------- d-----w- c:\program files\The KMPlayer
2010-07-10 18:12 . 2009-10-28 12:18 -------- d-----w- c:\program files\IObit
2010-07-10 18:01 . 2010-03-22 15:35 -------- d-----w- c:\program files\Syncrosoft
2010-07-10 18:01 . 2009-02-07 18:40 -------- d-----w- c:\program files\Torrent Master
2010-07-06 15:08 . 2010-01-08 17:53 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\windows\Fonts\AdvUninstal
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Apple Software Update
2010-06-17 19:15 . 2010-06-17 18:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-17 18:56 . 2010-05-26 01:04 -------- d-----w- c:\program files\MSBuild
2010-06-17 18:55 . 2010-06-17 18:55 -------- d-----w- c:\program files\Microsoft.NET
2010-06-17 18:53 . 2010-06-17 18:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-06-15 18:23 . 2010-03-20 10:07 -------- d-----w- c:\program files\ICQ7.0
2010-06-14 14:31 . 2008-09-23 19:52 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-06 12:54 . 2008-09-24 18:53 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 12:34 . 2010-06-02 12:34 -------- d-----w- c:\program files\Common Files\InfoWatch
2010-06-02 12:03 . 2010-06-02 12:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-06-01 23:05 . 2010-06-01 23:05 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Microsoft
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-06-01 23:03 . 2010-06-01 23:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-01 22:58 . 2010-06-01 22:58 -------- d-----w- c:\program files\Common Files\Windows Live
2010-06-01 22:57 . 2010-06-01 22:57 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-05-23 14:15 . 2010-05-23 14:15 9112096 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-05-23 14:15 . 2010-05-23 14:15 313888 ----a-w- c:\windows\system32\RtsUStor.dll
2010-05-23 14:15 . 2010-05-23 14:15 189784 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-05-21 12:52 . 2010-05-21 12:51 24 --sh--w- c:\windows\S069DF5C9.tmp
2010-05-06 10:35 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-03 18:09 . 2010-05-03 18:09 304528 ----a-w- c:\windows\system32\appdrvrem01.exe
2010-05-03 18:09 . 2010-05-03 18:09 2911848 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2010-05-02 12:58 . 2010-05-02 12:58 7780 ----a-w- c:\documents and settings\Honza\FMCodec.dat
2010-05-02 08:09 . 2004-08-17 13:44 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-01 20:23 . 2008-09-24 19:13 147456 ----a-w- c:\windows\system32\RTLCPAPI.dll
2010-05-01 20:23 . 2008-09-24 19:13 10528768 ----a-w- c:\windows\system32\RTLCPL.EXE
2010-05-01 20:23 . 2008-09-24 19:13 4122368 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2010-05-01 20:23 . 2008-09-24 19:13 217088 ----a-w- c:\windows\Alcrmv.exe
2010-05-01 20:23 . 2008-09-24 18:41 577536 ----a-w- c:\windows\SOUNDMAN.EXE
2010-05-01 20:22 . 2004-08-03 23:07 28776 ----a-w- c:\windows\system32\drivers\mssmbios.sys
2010-05-01 20:22 . 2001-10-24 12:25 22632 ----a-w- c:\windows\system32\streamci.dll
2010-05-01 20:22 . 2008-09-23 19:50 50792 ----a-w- c:\windows\system32\drivers\termdd.sys
2010-05-01 20:22 . 2008-09-23 19:50 242688 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2009-09-06 07:48 . 2009-09-06 07:48 9111 ----a-w- c:\program files\satsukidecoderdetect.ini
2009-09-06 07:48 . 2009-09-06 07:48 3996 ----a-w- c:\program files\satsukidecodersettings.ini
2008-10-03 18:23 . 2008-10-03 18:23 7332280 ----a-w- c:\program files\Firefox Setup 3.0.exe
2009-10-19 16:59 . 2010-07-17 11:09 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="d:\programy\Internet Download Manager\IDMan.exe" [2009-10-17 3118512]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-07-02 198864]
"Orb"="d:\programy\Orb\bin\OrbTray.exe" [2009-03-17 510416]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
"uTorrent"="d:\programy\stahování\upTorrent\uTorrent.exe" [2010-07-24 327472]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"SpybotSD TeaTimer"="d:\programy\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SpywareTerminatorUpdate"="d:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-07-27 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-10-02 90112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-11-20 178688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" [2010-03-17 421888]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]
"SpywareTerminator"="d:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2010-07-27 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Orb"="d:\programy\Orb\bin\OrbTray.exe" /background
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"uTorrent"="d:\programy\stahování\upTorrent\uTorrent.exe"
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"DAEMON Tools Lite"="d:\programy\DAEMON Tools Lite\DTLite.exe" -autorun
"QIP Internet Guardian"=c:\documents and settings\Honza\Data aplikací\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinFastDTV"=c:\program files\WinFast\WFDTV\DTVSchdl.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"CloneCDTray"="d:\programy\CloneCD\CloneCDTray.exe" /s
"PWRISOVM.EXE"=d:\programy\PowerISO\PWRISOVM.EXE
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" -atboottime
"SoundMan"=SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Common Files\\InstallShield\\Driver\\10\\Intel 32\\IDriver.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\AcroRd32Info.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\wiaacmgr.exe"=
"c:\\WINDOWS\\system32\\drwtsn32.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"d:\\HRY\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\CSP2009.exe"=
"d:\\programy\\stahování\\upTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"d:\\programy\\Orb\\bin\\Orb.exe"=
"d:\\programy\\Orb\\bin\\OrbTray.exe"=
"d:\\programy\\Orb\\bin\\OrbStreamerClient.exe"=
"d:\\programy\\Orb\\bin\\OrbChannelScan.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\programy\\OFFICE2007\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\GROOVE.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\ONENOTE.EXE"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [15.5.2010 16:13 88632]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27.7.2010 14:55 64288]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [24.7.2010 8:24 28552]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [6.12.2005 17:11 35328]
R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [3.5.2010 20:09 2911848]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [27.7.2010 17:51 142592]
R2 CSObjectsSrv;CryptoStorage control service;c:\program files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21.12.2009 17:34 743992]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29.9.2008 10:18 246520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [26.3.2010 14:04 33792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [23.5.2010 16:15 189784]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
R3 WFLR6654;WinFast DTV1800 H (XC3028);c:\windows\system32\drivers\wfeaglxt.sys [24.9.2008 21:38 433920]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7.2.2009 11:56 234888]
S2 gupdate1ca5b0cba469fea;Služba Google Update (gupdate1ca5b0cba469fea);c:\program files\Google\Update\GoogleUpdate.exe [1.11.2009 18:02 133104]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [10.7.2010 20:14 312152]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 esihdrv;esihdrv;\??\c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23.12.2008 17:35 50704]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [16.10.2009 19:19 223128]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.2.2009 15:09 691696]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-07-28 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 13:12]

2010-07-28 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-07-25 12:11]

2010-07-28 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-07-25 14:18]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-28 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-05-25 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60076
uInternet Connection Wizard,ShellNext = iexplore
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout s IDM - d:\programy\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - d:\programy\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - d:\programy\Internet Download Manager\IEGetAll.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
LSP: c:\windows\system32\idmmbc.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\c657gqhc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: d:\programy\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: d:\programy\DivX\DivX Web Player\npdivx32.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

ShellIconOverlayIdentifiers-{dd230880-495a-11d1-b064-008048ec2fc5} - (no file)
ShellExecuteHooks-{32CD708B-60A7-4C00-9377-D73EAA495F0F} - (no file)
AddRemove-QipGuard - c:\documents and settings\Honza\Data aplikací\QipGuard\QipGuard.exe



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
"Device"="yM29zbvPzMnLvrm+x8fPzce+zro="
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1104)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-07-28 17:17:39
ComboFix-quarantined-files.txt 2010-07-28 15:17

Před spuštěním: Volných bajtů: 44 048 044 032
Po spuštění: Volných bajtů: 44 016 697 344

- - End Of File - - 0D5F4C7D66FA268E75CE4AAE901D0DDF

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

Re: infected computer

#4 Post by horus921 »

And one more thing: ComboFix reports that Norton 360 is running, but I can't see it anywhere. I uninstalled it long ago and it is neither in the registry nor among the programs...
Thank you

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

Re: infected computer

#5 Post by horus921 »

Please, could someone answer me? The computer belongs to my better half's son, and I am already being pressed to get it working again...
Thank you very much for your help.
PS: otherwise I am without dinner again... :o

Rudy
Site Admin
Posts: 119356
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#6 Post by Rudy »

To remove the leftovers of Norton 360, use Symnrt: http://www.symantec.com/norton/support/ ... N&ln=en_US . Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\system32\rezumatenoi.dat
c:\windows\S069DF5C9.tmp

Folder::
c:\program files\AskBarDis

Driver::
ASKUpgrade

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"KernelFaultCheck"=-
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

Re: infected computer

#7 Post by horus921 »

So I did what you wrote. Norton is removed, I put that log into ComboFix, and on restart it showed the message: "systém windows nemůže nalézt c:/combofix/CF18649.CFXXE".
- Next, when I wanted to run ComboFix a second time, it wrote this while trying to download the Recovery Console: "chyba, spouštěcí oddíl se nepodařilo správně načíst"
- the PC still restarts very slowly
- user switching does not work
- at PC startup, the message: "soubor boot.ini je neplatný - spouštění z c:/WINDOWS"
- for checking, I am attaching a new ComboFix log
- PLEASE HELP, I REALLY HAVE NO IDEA WHAT TO DO WITH THIS, THANK YOU VERY MUCH

ComboFix 10-07-27.05 - Honza 28.07.2010 19:59:47.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.334 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honza\Plocha\ComboFix.exe
FW: Doctor Web Firewall *enabled* {3454C8F1-ECBC-4181-A7F4-04632FBA762B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-28 )))))))))))))))))))))))))))))))
.

2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- C:\rsit
2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- c:\program files\trend micro
2010-07-28 09:32 . 2010-07-28 12:58 -------- d-----w- c:\program files\Crawler
2010-07-28 09:29 . 2010-07-28 09:30 -------- d-----w- c:\program files\WinClamAVShield
2010-07-27 15:51 . 2010-07-27 15:51 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-27 15:04 . 2010-07-27 12:55 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-27 13:03 . 2010-07-28 16:54 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-07-27 13:03 . 2010-07-28 16:54 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-07-27 12:55 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-27 12:52 . 2010-07-27 12:52 -------- d-----w- c:\program files\Lavasoft
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-07-26 21:03 . 2010-07-26 21:16 -------- d-----w- c:\program files\Ultimate Process Manager
2010-07-24 06:24 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-07-24 06:23 . 2010-07-24 06:23 -------- d-----w- c:\program files\Panda Security
2010-07-23 13:53 . 2010-07-23 19:32 -------- d-----w- c:\windows\BDOSCAN8
2010-07-23 10:41 . 2010-07-23 10:41 -------- d-----w- c:\program files\ESET
2010-07-22 20:12 . 2010-06-01 17:37 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-07-22 18:09 . 2010-07-22 18:09 -------- d-----w- c:\program files\AVG
2010-07-21 22:54 . 2010-07-22 07:08 -------- d-----w- C:\FBackup
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\VDLL.DLL
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\runouce.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\regsvr.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\logo_1.exe
2010-07-21 22:49 . 2010-07-21 22:49 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-07-21 22:49 . 2010-07-21 22:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-07-21 22:47 . 2010-07-21 22:54 1161736 ----a-w- c:\windows\system32\contfilt.dll
2010-07-21 12:39 . 2010-07-21 18:51 -------- d-----w- c:\program files\F-Secure
2010-07-21 11:13 . 2010-07-21 11:57 -------- d-----w- c:\windows\system32\NtmsData
2010-07-20 22:57 . 2010-07-20 22:57 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-07-20 22:47 . 2010-07-20 22:47 22528 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2010-07-20 21:45 . 2010-07-20 21:45 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 61512 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 33480 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\G Data
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\Common Files\G Data
2010-07-20 11:11 . 2010-07-20 11:11 -------- d-----w- c:\program files\Alwil Software
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\wsbl.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_white.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_summ.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_black.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords2.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords.dat
2010-07-17 11:21 . 2010-07-19 19:51 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-07-17 10:59 . 2010-07-19 19:53 -------- d-----w- c:\program files\BitDefender
2010-07-17 10:58 . 2010-07-19 19:53 -------- d-----w- c:\program files\Common Files\BitDefender
2010-07-14 05:31 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 11:40 . 2010-07-17 10:43 -------- d-----w- c:\program files\Common Files\TrustPort
2010-07-13 11:40 . 2010-07-13 11:40 -------- d-----w- c:\program files\TrustPort
2010-07-06 16:41 . 2010-07-06 16:41 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-07-06 15:08 . 2009-10-30 13:08 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 15:08 . 2009-10-30 13:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\program files\Common Files\Innovative Solutions
2010-07-05 22:15 . 2010-07-06 11:19 -------- d-----w- c:\program files\DrWeb
2010-06-29 22:57 . 2010-07-10 18:01 -------- d-----w- c:\documents and settings\Honza\DoctorWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-26 21:24 . 2008-09-24 19:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-23 10:14 . 2001-10-25 14:00 93040 ----a-w- c:\windows\system32\perfc005.dat
2010-07-23 10:14 . 2001-10-25 14:00 463744 ----a-w- c:\windows\system32\perfh005.dat
2010-07-22 07:10 . 2010-07-21 22:47 -------- d-----w- c:\program files\eScan
2010-07-21 22:54 . 2010-07-21 22:47 178696 ----a-w- c:\windows\system32\mwnsp.dll
2010-07-21 22:54 . 2010-07-21 22:47 539144 ----a-w- c:\windows\system32\mwtsp.dll
2010-07-21 22:53 . 2008-09-24 18:59 172040 ----a-w- c:\windows\system32\unrar.dll
2010-07-21 22:48 . 2010-07-21 22:47 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-07-20 11:12 . 2010-07-10 18:03 526181 ----a-w- c:\windows\system32\drivers\LightLogger.log
2010-07-17 11:56 . 2010-07-17 11:56 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 111312 ----a-w- c:\windows\system32\drivers\bdfndisf.sys.upd
2010-07-15 22:52 . 2009-09-06 07:51 -------- d-----w- c:\program files\The KMPlayer
2010-07-10 18:12 . 2009-10-28 12:18 -------- d-----w- c:\program files\IObit
2010-07-10 18:01 . 2010-03-22 15:35 -------- d-----w- c:\program files\Syncrosoft
2010-07-10 18:01 . 2009-02-07 18:40 -------- d-----w- c:\program files\Torrent Master
2010-07-06 15:08 . 2010-01-08 17:53 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\windows\Fonts\AdvUninstal
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Apple Software Update
2010-06-17 19:15 . 2010-06-17 18:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-17 18:56 . 2010-05-26 01:04 -------- d-----w- c:\program files\MSBuild
2010-06-17 18:55 . 2010-06-17 18:55 -------- d-----w- c:\program files\Microsoft.NET
2010-06-17 18:53 . 2010-06-17 18:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-06-15 18:23 . 2010-03-20 10:07 -------- d-----w- c:\program files\ICQ7.0
2010-06-14 14:31 . 2008-09-23 19:52 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-06 12:54 . 2008-09-24 18:53 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 12:34 . 2010-06-02 12:34 -------- d-----w- c:\program files\Common Files\InfoWatch
2010-06-02 12:03 . 2010-06-02 12:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-06-01 23:05 . 2010-06-01 23:05 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Microsoft
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-06-01 23:03 . 2010-06-01 23:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-01 22:58 . 2010-06-01 22:58 -------- d-----w- c:\program files\Common Files\Windows Live
2010-06-01 22:57 . 2010-06-01 22:57 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-05-23 14:15 . 2010-05-23 14:15 9112096 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-05-23 14:15 . 2010-05-23 14:15 313888 ----a-w- c:\windows\system32\RtsUStor.dll
2010-05-23 14:15 . 2010-05-23 14:15 189784 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-05-21 12:52 . 2010-05-21 12:51 24 --sh--w- c:\windows\S069DF5C9.tmp
2010-05-06 10:35 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-03 18:09 . 2010-05-03 18:09 304528 ----a-w- c:\windows\system32\appdrvrem01.exe
2010-05-03 18:09 . 2010-05-03 18:09 2911848 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2010-05-02 12:58 . 2010-05-02 12:58 7780 ----a-w- c:\documents and settings\Honza\FMCodec.dat
2010-05-02 08:09 . 2004-08-17 13:44 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-01 20:23 . 2008-09-24 19:13 147456 ----a-w- c:\windows\system32\RTLCPAPI.dll
2010-05-01 20:23 . 2008-09-24 19:13 10528768 ----a-w- c:\windows\system32\RTLCPL.EXE
2010-05-01 20:23 . 2008-09-24 19:13 4122368 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2010-05-01 20:23 . 2008-09-24 19:13 217088 ----a-w- c:\windows\Alcrmv.exe
2010-05-01 20:23 . 2008-09-24 18:41 577536 ----a-w- c:\windows\SOUNDMAN.EXE
2010-05-01 20:22 . 2004-08-03 23:07 28776 ----a-w- c:\windows\system32\drivers\mssmbios.sys
2010-05-01 20:22 . 2001-10-24 12:25 22632 ----a-w- c:\windows\system32\streamci.dll
2010-05-01 20:22 . 2008-09-23 19:50 50792 ----a-w- c:\windows\system32\drivers\termdd.sys
2010-05-01 20:22 . 2008-09-23 19:50 242688 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2009-09-06 07:48 . 2009-09-06 07:48 9111 ----a-w- c:\program files\satsukidecoderdetect.ini
2009-09-06 07:48 . 2009-09-06 07:48 3996 ----a-w- c:\program files\satsukidecodersettings.ini
2008-10-03 18:23 . 2008-10-03 18:23 7332280 ----a-w- c:\program files\Firefox Setup 3.0.exe
2009-10-19 16:59 . 2010-07-17 11:09 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-07-28_15.15.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-07-28 17:56 . 2010-07-28 17:56 16384 c:\windows\Temp\Perflib_Perfdata_11c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="d:\programy\Internet Download Manager\IDMan.exe" [2009-10-17 3118512]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-07-02 198864]
"Orb"="d:\programy\Orb\bin\OrbTray.exe" [2009-03-17 510416]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
"uTorrent"="d:\programy\stahování\upTorrent\uTorrent.exe" [2010-07-24 327472]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"SpybotSD TeaTimer"="d:\programy\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SpywareTerminatorUpdate"="d:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-07-27 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-10-02 90112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-11-20 178688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" [2010-03-17 421888]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]
"SpywareTerminator"="d:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2010-07-27 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Orb"="d:\programy\Orb\bin\OrbTray.exe" /background
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"uTorrent"="d:\programy\stahování\upTorrent\uTorrent.exe"
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"DAEMON Tools Lite"="d:\programy\DAEMON Tools Lite\DTLite.exe" -autorun
"QIP Internet Guardian"=c:\documents and settings\Honza\Data aplikací\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinFastDTV"=c:\program files\WinFast\WFDTV\DTVSchdl.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"CloneCDTray"="d:\programy\CloneCD\CloneCDTray.exe" /s
"PWRISOVM.EXE"=d:\programy\PowerISO\PWRISOVM.EXE
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" -atboottime
"SoundMan"=SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Common Files\\InstallShield\\Driver\\10\\Intel 32\\IDriver.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\AcroRd32Info.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\wiaacmgr.exe"=
"c:\\WINDOWS\\system32\\drwtsn32.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"d:\\HRY\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\CSP2009.exe"=
"d:\\programy\\stahování\\upTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"d:\\programy\\Orb\\bin\\Orb.exe"=
"d:\\programy\\Orb\\bin\\OrbTray.exe"=
"d:\\programy\\Orb\\bin\\OrbStreamerClient.exe"=
"d:\\programy\\Orb\\bin\\OrbChannelScan.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\programy\\OFFICE2007\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\GROOVE.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\ONENOTE.EXE"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [15.5.2010 16:13 88632]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27.7.2010 14:55 64288]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [24.7.2010 8:24 28552]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [6.12.2005 17:11 35328]
R1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [3.5.2010 20:09 2911848]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [27.7.2010 17:51 142592]
R2 CSObjectsSrv;CryptoStorage control service;c:\program files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21.12.2009 17:34 743992]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29.9.2008 10:18 246520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [26.3.2010 14:04 33792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [23.5.2010 16:15 189784]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
R3 WFLR6654;WinFast DTV1800 H (XC3028);c:\windows\system32\drivers\wfeaglxt.sys [24.9.2008 21:38 433920]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7.2.2009 11:56 234888]
S2 gupdate1ca5b0cba469fea;Služba Google Update (gupdate1ca5b0cba469fea);c:\program files\Google\Update\GoogleUpdate.exe [1.11.2009 18:02 133104]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [10.7.2010 20:14 312152]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 esihdrv;esihdrv;\??\c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23.12.2008 17:35 50704]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [16.10.2009 19:19 223128]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.2.2009 15:09 691696]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-07-28 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 13:12]

2010-07-28 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-07-25 12:11]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-28 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-05-25 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60076
uInternet Connection Wizard,ShellNext = iexplore
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout s IDM - d:\programy\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - d:\programy\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - d:\programy\Internet Download Manager\IEGetAll.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
LSP: c:\windows\system32\idmmbc.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\c657gqhc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: d:\programy\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: d:\programy\DivX\DivX Web Player\npdivx32.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-28 20:04
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
"Device"="yM29zbvPzMnLvrm+x8fPzce+zro="
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3536)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-07-28 20:06:48
ComboFix-quarantined-files.txt 2010-07-28 18:06

Před spuštěním: Volných bajtů: 40 339 886 080
Po spuštění: Volných bajtů: 40 327 991 296

- - End Of File - - 5E98088D8C49986572734EAD957AF0F5

Rudy
Site Admin
Posts: 119356
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#8 Post by Rudy »

Try it again, but in Safe Mode.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

Re: infected computer

#9 Post by horus921 »

Hello,
I did that. I ran ComboFix in Safe Mode under the administrator profile. The log is attached. Unfortunately, the problems still persist. The Recovery Console still cannot be downloaded and run ("the boot partition could not be read correctly"), the PC still shuts down and restarts very slowly, switching between users does not work, and at system startup the message "the boot.ini file is invalid, booting from c:/windows" always appears.
Please, could someone help me with this? I really have no idea what to do; I have already tried almost everything and I cannot reinstall the system.
Thank you very much!

ComboFix 10-07-28.04 - Administrator 29.07.2010 17:29:13.7.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.457 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
FW: Doctor Web Firewall *enabled* {3454C8F1-ECBC-4181-A7F4-04632FBA762B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-29 )))))))))))))))))))))))))))))))
.

2010-07-29 15:22 . 2010-07-29 15:22 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- C:\rsit
2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- c:\program files\trend micro
2010-07-28 09:32 . 2010-07-29 13:45 -------- d-----w- c:\program files\Crawler
2010-07-28 09:29 . 2010-07-28 09:30 -------- d-----w- c:\program files\WinClamAVShield
2010-07-27 15:51 . 2010-07-27 15:51 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-27 15:04 . 2010-07-27 12:55 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-27 13:03 . 2010-07-29 15:08 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-07-27 13:03 . 2010-07-29 15:08 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-07-27 12:55 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-27 12:52 . 2010-07-27 12:52 -------- d-----w- c:\program files\Lavasoft
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-07-26 21:03 . 2010-07-26 21:16 -------- d-----w- c:\program files\Ultimate Process Manager
2010-07-24 06:24 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-07-24 06:23 . 2010-07-24 06:23 -------- d-----w- c:\program files\Panda Security
2010-07-23 13:53 . 2010-07-23 19:32 -------- d-----w- c:\windows\BDOSCAN8
2010-07-23 10:41 . 2010-07-23 10:41 -------- d-----w- c:\program files\ESET
2010-07-22 20:12 . 2010-06-01 17:37 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-07-22 18:09 . 2010-07-22 18:09 -------- d-----w- c:\program files\AVG
2010-07-21 22:54 . 2010-07-22 07:08 -------- d-----w- C:\FBackup
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\VDLL.DLL
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\runouce.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\regsvr.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\logo_1.exe
2010-07-21 22:49 . 2010-07-21 22:49 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-07-21 22:49 . 2010-07-21 22:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-07-21 22:47 . 2010-07-21 22:54 1161736 ----a-w- c:\windows\system32\contfilt.dll
2010-07-21 12:39 . 2010-07-21 18:51 -------- d-----w- c:\program files\F-Secure
2010-07-21 11:13 . 2010-07-21 11:57 -------- d-----w- c:\windows\system32\NtmsData
2010-07-20 22:57 . 2010-07-20 22:57 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-07-20 22:47 . 2010-07-20 22:47 22528 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2010-07-20 21:45 . 2010-07-20 21:45 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 61512 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 33480 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\G Data
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\Common Files\G Data
2010-07-20 11:11 . 2010-07-20 11:11 -------- d-----w- c:\program files\Alwil Software
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\wsbl.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_white.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_summ.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_black.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords2.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords.dat
2010-07-17 11:21 . 2010-07-19 19:51 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2010-07-17 10:59 . 2010-07-19 19:53 -------- d-----w- c:\program files\BitDefender
2010-07-17 10:58 . 2010-07-19 19:53 -------- d-----w- c:\program files\Common Files\BitDefender
2010-07-14 05:31 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 11:40 . 2010-07-17 10:43 -------- d-----w- c:\program files\Common Files\TrustPort
2010-07-13 11:40 . 2010-07-13 11:40 -------- d-----w- c:\program files\TrustPort
2010-07-06 16:41 . 2010-07-06 16:41 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-07-06 15:08 . 2009-10-30 13:08 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 15:08 . 2009-10-30 13:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\program files\Common Files\Innovative Solutions
2010-07-05 22:15 . 2010-07-06 11:19 -------- d-----w- c:\program files\DrWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-26 21:24 . 2008-09-24 19:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-23 10:14 . 2001-10-25 14:00 93040 ----a-w- c:\windows\system32\perfc005.dat
2010-07-23 10:14 . 2001-10-25 14:00 463744 ----a-w- c:\windows\system32\perfh005.dat
2010-07-22 07:10 . 2010-07-21 22:47 -------- d-----w- c:\program files\eScan
2010-07-21 22:54 . 2010-07-21 22:47 178696 ----a-w- c:\windows\system32\mwnsp.dll
2010-07-21 22:54 . 2010-07-21 22:47 539144 ----a-w- c:\windows\system32\mwtsp.dll
2010-07-21 22:53 . 2008-09-24 18:59 172040 ----a-w- c:\windows\system32\unrar.dll
2010-07-21 22:48 . 2010-07-21 22:47 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-07-20 11:12 . 2010-07-10 18:03 526181 ----a-w- c:\windows\system32\drivers\LightLogger.log
2010-07-17 11:56 . 2010-07-17 11:56 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 111312 ----a-w- c:\windows\system32\drivers\bdfndisf.sys.upd
2010-07-15 22:52 . 2009-09-06 07:51 -------- d-----w- c:\program files\The KMPlayer
2010-07-10 18:12 . 2009-10-28 12:18 -------- d-----w- c:\program files\IObit
2010-07-10 18:01 . 2010-03-22 15:35 -------- d-----w- c:\program files\Syncrosoft
2010-07-10 18:01 . 2009-02-07 18:40 -------- d-----w- c:\program files\Torrent Master
2010-07-06 15:08 . 2010-01-08 17:53 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\windows\Fonts\AdvUninstal
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Apple Software Update
2010-06-17 19:15 . 2010-06-17 18:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-17 18:56 . 2010-05-26 01:04 -------- d-----w- c:\program files\MSBuild
2010-06-17 18:55 . 2010-06-17 18:55 -------- d-----w- c:\program files\Microsoft.NET
2010-06-17 18:53 . 2010-06-17 18:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-06-15 18:23 . 2010-03-20 10:07 -------- d-----w- c:\program files\ICQ7.0
2010-06-14 14:31 . 2008-09-23 19:52 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-06 12:54 . 2008-09-24 18:53 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 12:34 . 2010-06-02 12:34 -------- d-----w- c:\program files\Common Files\InfoWatch
2010-06-02 12:03 . 2010-06-02 12:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-06-01 23:05 . 2010-06-01 23:05 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Microsoft
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-06-01 23:03 . 2010-06-01 23:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-01 22:58 . 2010-06-01 22:58 -------- d-----w- c:\program files\Common Files\Windows Live
2010-06-01 22:57 . 2010-06-01 22:57 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-05-23 14:15 . 2010-05-23 14:15 9112096 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-05-23 14:15 . 2010-05-23 14:15 313888 ----a-w- c:\windows\system32\RtsUStor.dll
2010-05-23 14:15 . 2010-05-23 14:15 189784 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-05-21 12:52 . 2010-05-21 12:51 24 --sh--w- c:\windows\S069DF5C9.tmp
2010-05-06 10:35 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-03 18:09 . 2010-05-03 18:09 304528 ----a-w- c:\windows\system32\appdrvrem01.exe
2010-05-03 18:09 . 2010-05-03 18:09 2911848 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2010-05-02 08:09 . 2004-08-17 13:44 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-01 20:23 . 2008-09-24 19:13 147456 ----a-w- c:\windows\system32\RTLCPAPI.dll
2010-05-01 20:23 . 2008-09-24 19:13 10528768 ----a-w- c:\windows\system32\RTLCPL.EXE
2010-05-01 20:23 . 2008-09-24 19:13 4122368 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2010-05-01 20:23 . 2008-09-24 19:13 217088 ----a-w- c:\windows\Alcrmv.exe
2010-05-01 20:23 . 2008-09-24 18:41 577536 ----a-w- c:\windows\SOUNDMAN.EXE
2010-05-01 20:22 . 2004-08-03 23:07 28776 ----a-w- c:\windows\system32\drivers\mssmbios.sys
2010-05-01 20:22 . 2001-10-24 12:25 22632 ----a-w- c:\windows\system32\streamci.dll
2010-05-01 20:22 . 2008-09-23 19:50 50792 ----a-w- c:\windows\system32\drivers\termdd.sys
2010-05-01 20:22 . 2008-09-23 19:50 242688 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2009-09-06 07:48 . 2009-09-06 07:48 9111 ----a-w- c:\program files\satsukidecoderdetect.ini
2009-09-06 07:48 . 2009-09-06 07:48 3996 ----a-w- c:\program files\satsukidecodersettings.ini
2008-10-03 18:23 . 2008-10-03 18:23 7332280 ----a-w- c:\program files\Firefox Setup 3.0.exe
2009-10-19 16:59 . 2010-07-17 11:09 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-07-28_15.15.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-17 18:59 . 2010-07-29 13:46 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2009-04-02 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-10-02 90112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-11-20 178688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" [2010-03-17 421888]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]
"SpywareTerminator"="d:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2010-07-27 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinFastDTV"=c:\program files\WinFast\WFDTV\DTVSchdl.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"CloneCDTray"="d:\programy\CloneCD\CloneCDTray.exe" /s
"PWRISOVM.EXE"=d:\programy\PowerISO\PWRISOVM.EXE
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" -atboottime
"SoundMan"=SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Common Files\\InstallShield\\Driver\\10\\Intel 32\\IDriver.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\AcroRd32Info.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\wiaacmgr.exe"=
"c:\\WINDOWS\\system32\\drwtsn32.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"d:\\HRY\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\CSP2009.exe"=
"d:\\programy\\stahování\\upTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"d:\\programy\\Orb\\bin\\Orb.exe"=
"d:\\programy\\Orb\\bin\\OrbTray.exe"=
"d:\\programy\\Orb\\bin\\OrbStreamerClient.exe"=
"d:\\programy\\Orb\\bin\\OrbChannelScan.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\programy\\OFFICE2007\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\GROOVE.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\ONENOTE.EXE"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [15.5.2010 16:13 88632]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27.7.2010 14:55 64288]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [6.12.2005 17:11 35328]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [26.3.2010 14:04 33792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [23.5.2010 16:15 189784]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [24.7.2010 8:24 28552]
S1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [3.5.2010 20:09 2911848]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [27.7.2010 17:51 142592]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7.2.2009 11:56 234888]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21.12.2009 17:34 743992]
S2 gupdate1ca5b0cba469fea;Služba Google Update (gupdate1ca5b0cba469fea);c:\program files\Google\Update\GoogleUpdate.exe [1.11.2009 18:02 133104]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29.9.2008 10:18 246520]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [10.7.2010 20:14 312152]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 esihdrv;esihdrv;\??\c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23.12.2008 17:35 50704]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [16.10.2009 19:19 223128]
S3 WFLR6654;WinFast DTV1800 H (XC3028);c:\windows\system32\drivers\wfeaglxt.sys [24.9.2008 21:38 433920]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.2.2009 15:09 691696]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-07-29 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 13:12]

2010-07-29 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-07-25 12:11]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-29 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-05-25 20:18]
.
.
------- Doplňkový sken -------
.
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
LSP: c:\windows\system32\idmmbc.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-29 17:33
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
"Device"="yM29zbvPzMnLvrm+x8fPzce+zro="

[HKEY_USERS\S-1-5-21-2000478354-879983540-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,87,9c,e1,4f,25,b7,4a,8e,f0,d6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,15,87,9c,e1,4f,25,b7,4a,8e,f0,d6,\
.
Celkový čas: 2010-07-29 17:34:34
ComboFix-quarantined-files.txt 2010-07-29 15:34

Před spuštěním: Volných bajtů: 44 685 787 136
Po spuštění: Volných bajtů: 44 674 568 192

- - End Of File - - F43BC39F0E79ECF45E5A661D8A42A858

Rudy
Site Admin
Posts: 119356
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#10 Post by Rudy »

That's fine, but you did not run it using the script. Run this way, CF will not delete anything.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

Re: infected computer

#11 Post by horus921 »

I see, and is the script still the same one? Or has something changed?

Rudy
Site Admin
Posts: 119356
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#12 Post by Rudy »

Still the one given above.

horus921
Visitor
Posts: 14
Registered: 28 Jul 2010 14:45

Re: infected computer

#13 Post by horus921 »

So I did that, but the problems still persist. I am attaching the log.
What now? Please advise.
Thank you!

ComboFix 10-07-28.04 - Honza 29.07.2010 18:43:30.9.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.691 [GMT 2:00]
Spuštěný z: c:\documents and settings\Honza\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Honza\Plocha\CFScript.txt
FW: Doctor Web Firewall *enabled* {3454C8F1-ECBC-4181-A7F4-04632FBA762B}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

file zipped: c:\windows\S069DF5C9.tmp
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\S069DF5C9.tmp
.
---- Předchozí spuštění -------
.
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\AskSplash.exe
c:\program files\AskBarDis\bar\bin\AskTBApp.exe
c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\00060E89
c:\program files\AskBarDis\bar\Cache\01CF9108
c:\program files\AskBarDis\bar\Cache\01CF956D.bin
c:\program files\AskBarDis\bar\Cache\01CF987B.bin
c:\program files\AskBarDis\bar\Cache\01CF9BA7.bin
c:\program files\AskBarDis\bar\Cache\01CF9CE0.bin
c:\program files\AskBarDis\bar\Cache\01CF9DF9.bin
c:\program files\AskBarDis\bar\Cache\01CF9F12.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\AskLogo.ico
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\bar\Settings\prevCfg2.htm
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\windows\S069DF5C9.tmp
c:\windows\system32\rezumatenoi.dat

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASKUPGRADE
-------\Service_ASKUpgrade


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-29 )))))))))))))))))))))))))))))))
.

2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- C:\rsit
2010-07-28 13:50 . 2010-07-28 13:51 -------- d-----w- c:\program files\trend micro
2010-07-28 09:32 . 2010-07-29 13:45 -------- d-----w- c:\program files\Crawler
2010-07-28 09:29 . 2010-07-28 09:30 -------- d-----w- c:\program files\WinClamAVShield
2010-07-27 15:51 . 2010-07-27 15:51 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-07-27 15:04 . 2010-07-27 12:55 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-27 13:03 . 2010-07-29 15:40 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-07-27 13:03 . 2010-07-29 15:40 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-07-27 12:55 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-27 12:52 . 2010-07-27 12:52 -------- d-----w- c:\program files\Lavasoft
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2010-07-26 21:25 . 2010-07-26 21:25 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)
2010-07-26 21:03 . 2010-07-26 21:16 -------- d-----w- c:\program files\Ultimate Process Manager
2010-07-24 06:24 . 2009-06-30 07:37 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2010-07-24 06:23 . 2010-07-24 06:23 -------- d-----w- c:\program files\Panda Security
2010-07-23 13:53 . 2010-07-23 19:32 -------- d-----w- c:\windows\BDOSCAN8
2010-07-23 10:41 . 2010-07-23 10:41 -------- d-----w- c:\program files\ESET
2010-07-22 20:12 . 2010-06-01 17:37 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-07-22 18:09 . 2010-07-22 18:09 -------- d-----w- c:\program files\AVG
2010-07-21 22:54 . 2010-07-22 07:08 -------- d-----w- C:\FBackup
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\VDLL.DLL
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\runouce.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\system32\regsvr.exe
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-07-21 22:54 . 2010-07-21 22:54 -------- d---a-w- c:\windows\logo_1.exe
2010-07-21 22:49 . 2010-07-21 22:49 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-07-21 22:49 . 2010-07-21 22:49 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-07-21 22:47 . 2010-07-21 22:54 1161736 ----a-w- c:\windows\system32\contfilt.dll
2010-07-21 12:39 . 2010-07-21 18:51 -------- d-----w- c:\program files\F-Secure
2010-07-21 11:13 . 2010-07-21 11:57 -------- d-----w- c:\windows\system32\NtmsData
2010-07-20 22:57 . 2010-07-20 22:57 68976 ----a-w- c:\windows\system32\drivers\GRD.sys
2010-07-20 22:47 . 2010-07-20 22:47 22528 ----a-w- c:\windows\system32\drivers\GDNdisIc.sys
2010-07-20 21:45 . 2010-07-20 21:45 51784 ----a-w- c:\windows\system32\drivers\GDTdiIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 61512 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2010-07-20 21:44 . 2010-07-20 21:44 33480 ----a-w- c:\windows\system32\drivers\GDBehave.sys
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\G Data
2010-07-20 21:44 . 2010-07-21 10:30 -------- d-----w- c:\program files\Common Files\G Data
2010-07-20 11:11 . 2010-07-20 11:11 -------- d-----w- c:\program files\Alwil Software
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\wsbl.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_white.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_summ.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\ph_black.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords2.dat
2010-07-18 00:28 . 2010-07-18 00:28 0 ----a-w- c:\windows\system32\pcwords.dat
2010-07-17 10:59 . 2010-07-19 19:53 -------- d-----w- c:\program files\BitDefender
2010-07-17 10:58 . 2010-07-19 19:53 -------- d-----w- c:\program files\Common Files\BitDefender
2010-07-14 05:31 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-13 11:40 . 2010-07-17 10:43 -------- d-----w- c:\program files\Common Files\TrustPort
2010-07-13 11:40 . 2010-07-13 11:40 -------- d-----w- c:\program files\TrustPort
2010-07-06 16:41 . 2010-07-06 16:41 -------- d-----w- c:\documents and settings\NetworkService\Plocha
2010-07-06 15:08 . 2009-10-30 13:08 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2010-07-06 15:08 . 2009-10-30 13:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\program files\Common Files\Innovative Solutions
2010-07-05 22:15 . 2010-07-06 11:19 -------- d-----w- c:\program files\DrWeb
2010-06-29 22:57 . 2010-07-10 18:01 -------- d-----w- c:\documents and settings\Honza\DoctorWeb

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-26 21:24 . 2008-09-24 19:02 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-23 10:14 . 2001-10-25 14:00 93040 ----a-w- c:\windows\system32\perfc005.dat
2010-07-23 10:14 . 2001-10-25 14:00 463744 ----a-w- c:\windows\system32\perfh005.dat
2010-07-22 07:10 . 2010-07-21 22:47 -------- d-----w- c:\program files\eScan
2010-07-21 22:54 . 2010-07-21 22:47 178696 ----a-w- c:\windows\system32\mwnsp.dll
2010-07-21 22:54 . 2010-07-21 22:47 539144 ----a-w- c:\windows\system32\mwtsp.dll
2010-07-21 22:53 . 2008-09-24 18:59 172040 ----a-w- c:\windows\system32\unrar.dll
2010-07-21 22:48 . 2010-07-21 22:47 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-07-20 11:12 . 2010-07-10 18:03 526181 ----a-w- c:\windows\system32\drivers\LightLogger.log
2010-07-17 11:56 . 2010-07-17 11:56 153448 ----a-w- c:\windows\system32\drivers\bdfm.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 106464 ----a-w- c:\windows\system32\drivers\bdhv.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys.upd
2010-07-17 11:56 . 2010-07-17 11:56 111312 ----a-w- c:\windows\system32\drivers\bdfndisf.sys.upd
2010-07-15 22:52 . 2009-09-06 07:51 -------- d-----w- c:\program files\The KMPlayer
2010-07-10 18:12 . 2009-10-28 12:18 -------- d-----w- c:\program files\IObit
2010-07-10 18:01 . 2010-03-22 15:35 -------- d-----w- c:\program files\Syncrosoft
2010-07-10 18:01 . 2009-02-07 18:40 -------- d-----w- c:\program files\Torrent Master
2010-07-06 15:08 . 2010-01-08 17:53 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-06 14:50 . 2010-07-06 14:50 -------- d-----w- c:\windows\Fonts\AdvUninstal
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Common Files\Apple
2010-06-23 17:51 . 2010-06-23 17:51 -------- d-----w- c:\program files\Apple Software Update
2010-06-17 19:15 . 2010-06-17 18:57 -------- d-----w- c:\program files\Microsoft Works
2010-06-17 18:56 . 2010-05-26 01:04 -------- d-----w- c:\program files\MSBuild
2010-06-17 18:55 . 2010-06-17 18:55 -------- d-----w- c:\program files\Microsoft.NET
2010-06-17 18:53 . 2010-06-17 18:52 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-06-15 18:23 . 2010-03-20 10:07 -------- d-----w- c:\program files\ICQ7.0
2010-06-14 14:31 . 2008-09-23 19:52 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-06 12:54 . 2008-09-24 18:53 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-02 12:34 . 2010-06-02 12:34 -------- d-----w- c:\program files\Common Files\InfoWatch
2010-06-02 12:03 . 2010-06-02 12:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-06-01 23:05 . 2010-06-01 23:05 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Microsoft
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live
2010-06-01 23:04 . 2010-06-01 23:04 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-06-01 23:03 . 2010-06-01 23:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-06-01 22:58 . 2010-06-01 22:58 -------- d-----w- c:\program files\Common Files\Windows Live
2010-06-01 22:57 . 2010-06-01 22:57 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-05-23 14:15 . 2010-05-23 14:15 9112096 ----a-w- c:\windows\system32\RtsUStoricon.dll
2010-05-23 14:15 . 2010-05-23 14:15 313888 ----a-w- c:\windows\system32\RtsUStor.dll
2010-05-23 14:15 . 2010-05-23 14:15 189784 ----a-w- c:\windows\system32\drivers\RtsUStor.sys
2010-05-06 10:35 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-03 18:09 . 2010-05-03 18:09 304528 ----a-w- c:\windows\system32\appdrvrem01.exe
2010-05-03 18:09 . 2010-05-03 18:09 2911848 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2010-05-02 12:58 . 2010-05-02 12:58 7780 ----a-w- c:\documents and settings\Honza\FMCodec.dat
2010-05-02 08:09 . 2004-08-17 13:44 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-01 20:23 . 2008-09-24 19:13 147456 ----a-w- c:\windows\system32\RTLCPAPI.dll
2010-05-01 20:23 . 2008-09-24 19:13 10528768 ----a-w- c:\windows\system32\RTLCPL.EXE
2010-05-01 20:23 . 2008-09-24 19:13 4122368 ----a-w- c:\windows\system32\drivers\ALCXWDM.SYS
2010-05-01 20:23 . 2008-09-24 19:13 217088 ----a-w- c:\windows\Alcrmv.exe
2010-05-01 20:23 . 2008-09-24 18:41 577536 ----a-w- c:\windows\SOUNDMAN.EXE
2010-05-01 20:22 . 2004-08-03 23:07 28776 ----a-w- c:\windows\system32\drivers\mssmbios.sys
2010-05-01 20:22 . 2001-10-24 12:25 22632 ----a-w- c:\windows\system32\streamci.dll
2010-05-01 20:22 . 2008-09-23 19:50 50792 ----a-w- c:\windows\system32\drivers\termdd.sys
2010-05-01 20:22 . 2008-09-23 19:50 242688 ----a-w- c:\windows\system32\drivers\rdpdr.sys
2009-09-06 07:48 . 2009-09-06 07:48 9111 ----a-w- c:\program files\satsukidecoderdetect.ini
2009-09-06 07:48 . 2009-09-06 07:48 3996 ----a-w- c:\program files\satsukidecodersettings.ini
2008-10-03 18:23 . 2008-10-03 18:23 7332280 ----a-w- c:\program files\Firefox Setup 3.0.exe
2009-10-19 16:59 . 2010-07-17 11:09 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-07-28_15.15.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-17 18:59 . 2010-07-29 13:46 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2010-06-17 18:59 . 2010-07-29 13:46 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2010-06-17 18:59 . 2010-07-14 06:21 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="d:\programy\Internet Download Manager\IDMan.exe" [2009-10-17 3118512]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-07-02 198864]
"Orb"="d:\programy\Orb\bin\OrbTray.exe" [2009-03-17 510416]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
"uTorrent"="d:\programy\stahování\upTorrent\uTorrent.exe" [2010-07-24 327472]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"SpybotSD TeaTimer"="d:\programy\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SpywareTerminatorUpdate"="d:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-07-27 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-10-02 90112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2008-11-20 178688]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" [2010-03-17 421888]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2010-06-11 1280344]
"SpywareTerminator"="d:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2010-07-27 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Orb"="d:\programy\Orb\bin\OrbTray.exe" /background
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"uTorrent"="d:\programy\stahování\upTorrent\uTorrent.exe"
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"DAEMON Tools Lite"="d:\programy\DAEMON Tools Lite\DTLite.exe" -autorun
"QIP Internet Guardian"=c:\documents and settings\Honza\Data aplikací\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"WinFastDTV"=c:\program files\WinFast\WFDTV\DTVSchdl.exe
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"H2O"=c:\program files\SyncroSoft\Pos\H2O\cledx.exe
"CloneCDTray"="d:\programy\CloneCD\CloneCDTray.exe" /s
"PWRISOVM.EXE"=d:\programy\PowerISO\PWRISOVM.EXE
"QuickTime Task"="d:\programy\QuickTime\qttask.exe" -atboottime
"SoundMan"=SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\Common Files\\InstallShield\\Driver\\10\\Intel 32\\IDriver.exe"=
"c:\\Program Files\\Adobe\\Reader 8.0\\Reader\\AcroRd32Info.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\wiaacmgr.exe"=
"c:\\WINDOWS\\system32\\drwtsn32.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\WINDOWS\\system32\\wuauclt.exe"=
"c:\\WINDOWS\\system32\\netsh.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\wscntfy.exe"=
"d:\\HRY\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\CSP2009.exe"=
"d:\\programy\\stahování\\upTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"d:\\programy\\Orb\\bin\\Orb.exe"=
"d:\\programy\\Orb\\bin\\OrbTray.exe"=
"d:\\programy\\Orb\\bin\\OrbStreamerClient.exe"=
"d:\\programy\\Orb\\bin\\OrbChannelScan.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\programy\\OFFICE2007\\Office12\\OUTLOOK.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\GROOVE.EXE"=
"d:\\programy\\OFFICE2007\\Office12\\ONENOTE.EXE"=
"c:\\PROGRA~1\\COMMON~1\\MICROW~1\\Agent\\MWAGENT.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\drivers\CSCrySec.sys [15.5.2010 16:13 88632]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27.7.2010 14:55 64288]
R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);c:\windows\system32\drivers\sfsync03.sys [6.12.2005 17:11 35328]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [26.3.2010 14:04 33792]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [23.5.2010 16:15 189784]
S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [24.7.2010 8:24 28552]
S1 appdrv01;Application Driver (01);c:\windows\system32\drivers\appdrv01.sys [3.5.2010 20:09 2911848]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [27.7.2010 17:51 142592]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21.12.2009 17:34 743992]
S2 gupdate1ca5b0cba469fea;Služba Google Update (gupdate1ca5b0cba469fea);c:\program files\Google\Update\GoogleUpdate.exe [1.11.2009 18:02 133104]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [29.9.2008 10:18 246520]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [10.7.2010 20:14 312152]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
S3 econceal;MicroWorld Technologies Network Service;c:\windows\system32\DRIVERS\econceal.sys --> c:\windows\system32\DRIVERS\econceal.sys [?]
S3 esihdrv;esihdrv;\??\c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Honza\LOCALS~1\Temp\esihdrv.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23.12.2008 17:35 50704]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [16.10.2009 19:19 223128]
S3 WFLR6654;WinFast DTV1800 H (XC3028);c:\windows\system32\drivers\wfeaglxt.sys [24.9.2008 21:38 433920]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.2.2009 15:09 691696]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-29 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 12:55]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-07-29 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 13:12]

2010-07-29 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-07-25 12:11]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-01 16:02]

2010-07-29 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-05-25 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.crawler.com/homepage.aspx?tbid=60076
uInternet Connection Wizard,ShellNext = iexplore
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Stáhnout s IDM - d:\programy\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - d:\programy\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - d:\programy\Internet Download Manager\IEGetAll.htm
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\Get Styles\ct.htm
LSP: c:\windows\system32\idmmbc.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\c657gqhc.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13925&gct=&gc=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: d:\programy\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: d:\programy\DivX\DivX Web Player\npdivx32.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\programy\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-29 18:50
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallTS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_ts=\"0\" />"
"Device"="yM29zbvPzMnLvrm+x8fPzce+zro="
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(788)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\progra~1\WINDOW~2\wmpband.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2010-07-29 18:55:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-29 16:55

Před spuštěním: Volných bajtů: 44 897 980 416
Po spuštění: Volných bajtů: 44 887 437 312

- - End Of File - - D1641E07921AA7CC46E17665CCA63574

Rudy
Site Admin
Posts: 119356
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected computer

#14 Post by Rudy »

The PC is now disinfected. If the problems persist, it means the virus has damaged the system. You can repair it either with XPManager: http://www.viry.cz/forum/viewtopic.php?f=46&t=17549 , or from the installation CD.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

horus921
Visitor
Posts: 14
Joined: 28 Jul 2010 14:45

Re: infected computer

#15 Post by horus921 »

Thank you very much!
Wishing you lots of luck in the fight against the scum!
