
I found something about it in the ComboFix log:
R1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [x]
but there is no archlp.sys in c:\windows\system32\drivers\

The whole log is here:
ComboFix 10-08-15.04 - otulka 20.08.2010 7:32.1.1 - x86
Spuštěný z: C:\ComboFix.exe
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\otulka\AppData\Roaming\inst.exe
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_osppsvc
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-20 do 2010-08-20 )))))))))))))))))))))))))))))))
.
2010-08-20 05:42 . 2010-08-20 05:42 -------- d-----w- C:\Device
2010-08-20 05:41 . 2010-08-20 05:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-20 04:07 . 2010-08-20 04:07 -------- d-----w- c:\program files\Classic Menu for Office
2010-08-20 03:03 . 2010-08-20 03:03 472576 ----a-w- c:\windows\AutoKMS.exe
2010-08-19 19:55 . 2010-08-19 19:55 -------- d-----w- c:\program files\xp-AntiSpy
2010-08-19 19:24 . 2010-08-19 19:24 -------- d-----w- c:\program files\Axesstel
2010-08-19 17:03 . 2010-08-19 17:03 28672 ----a-w- c:\windows\system32\AF15BDAEX.dll
2010-08-19 17:03 . 2010-08-19 17:03 126 ----a-w- c:\windows\system32\AF15IRTBL.bin
2010-08-19 17:03 . 2010-08-19 17:03 306816 ----a-w- c:\windows\system32\drivers\AF15BDA.sys
2010-08-19 16:06 . 2010-08-19 16:06 -------- d-----w- c:\users\otulka\AppData\Local\ArcSoft
2010-08-19 16:04 . 2006-11-10 13:05 18688 ----a-w- c:\windows\system32\drivers\afc.sys
2010-08-19 16:04 . 2010-08-19 16:04 -------- d-----w- c:\program files\MSI
2010-08-19 16:04 . 2005-04-27 14:36 245408 ----a-w- c:\windows\system32\unicows.dll
2010-08-19 16:04 . 2010-08-19 16:04 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-08-19 15:58 . 2010-08-19 16:05 -------- d-----w- c:\users\otulka\AppData\Roaming\ArcSoft
2010-08-19 15:52 . 2010-08-19 15:52 -------- d-----w- c:\windows\VMUVC
2010-08-19 15:52 . 2008-07-01 09:12 398720 ----a-w- c:\windows\system32\drivers\vvftUVC.sys
2010-08-19 15:52 . 2008-09-02 15:47 94208 ----a-w- c:\windows\system32\VvFtCtrl.dll
2010-08-19 15:51 . 2010-08-19 15:51 -------- d-----w- c:\program files\Vimicro Corporation
2010-08-19 15:51 . 2009-05-25 15:31 252416 ----a-w- c:\windows\system32\drivers\VMUVC.sys
2010-08-19 15:51 . 2008-02-29 08:11 11776 ----a-w- c:\windows\system32\VMUVC.dll
2010-08-19 15:30 . 2010-08-19 15:31 -------- d-----w- c:\program files\mp3DC203
2010-08-19 15:30 . 2010-08-19 15:30 -------- d-----w- c:\users\otulka\AppData\Roaming\Media Player Classic
2010-08-19 15:29 . 2010-08-19 15:29 -------- d-----w- c:\program files\Real Alternative
2010-08-19 15:29 . 2010-08-19 15:29 -------- d-----w- c:\users\otulka\AppData\Local\Real
2010-08-19 15:23 . 2010-08-19 15:23 -------- d-----w- c:\program files\WinPcap
2010-08-19 15:20 . 2010-08-19 15:20 -------- d-----w- c:\program files\DsNET Corp
2010-08-19 15:17 . 2010-08-19 15:17 -------- d-----w- c:\program files\GIF Movie Gear
2010-08-19 15:10 . 2003-11-04 17:08 1032192 ----a-w- c:\windows\AquaReal.scr
2010-08-19 15:10 . 2010-08-19 15:10 -------- d-----w- c:\program files\Formosoft
2010-08-19 15:10 . 2002-11-15 15:56 131072 ----a-w- c:\windows\SNVerifyDLL.dll
2010-08-19 15:01 . 2010-08-19 15:01 -------- d-----w- c:\users\otulka\AppData\Local\Cosect
2010-08-19 14:59 . 2010-08-19 15:00 -------- d-----w- c:\program files\DisCryptor
2010-08-19 14:30 . 2010-08-19 16:05 -------- d-----w- c:\programdata\ArcSoft
2010-08-19 14:28 . 2010-08-19 16:24 -------- d-----w- c:\windows\Downloaded Installations
2010-08-19 13:51 . 2010-08-19 13:51 -------- d-----w- c:\program files\linguatec
2010-08-19 13:37 . 2010-08-19 13:37 -------- d-----w- c:\program files\Acapela Group
2010-08-19 13:37 . 2010-08-19 13:46 -------- d-----w- C:\Infovox2.lic
2010-08-19 13:36 . 2010-08-19 13:36 -------- d-----w- c:\users\otulka\AppData\Roaming\Balabolka
2010-08-19 13:35 . 2010-08-19 13:36 -------- d-----w- c:\program files\Balabolka
2010-08-19 13:19 . 2010-08-19 20:17 -------- d-----w- c:\program files\ABC Amber Palm Converter
2010-08-19 13:10 . 2010-08-19 13:11 -------- d-----w- c:\program files\ICE Book Reader Professional
2010-08-19 12:35 . 2010-08-19 12:35 -------- d-----w- c:\users\otulka\AppData\Roaming\EPSON
2010-08-19 12:30 . 2006-04-18 02:00 102400 ----a-w- c:\programdata\EPSON\EPW!3 SSRP\E_S30RP1.EXE
2010-08-19 12:28 . 2004-09-10 18:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2010-08-19 12:28 . 2006-08-10 00:02 75264 ----a-w- c:\windows\system32\E_FLBBEE.DLL
2010-08-19 12:28 . 2006-04-19 00:00 62976 ----a-w- c:\windows\system32\E_FD4BBEE.DLL
2010-08-19 12:28 . 2010-08-19 12:30 -------- d-----w- c:\programdata\EPSON
2010-08-19 12:23 . 2010-08-19 12:27 -------- d-----w- c:\program files\epson
2010-08-19 12:23 . 2006-10-12 22:00 61952 ----a-w- c:\windows\system32\escwiad.dll
2010-08-19 12:23 . 2005-02-24 22:00 46080 ----a-w- c:\windows\system32\escimgd.dll
2010-08-19 12:23 . 2005-02-24 22:00 22016 ----a-w- c:\windows\system32\esccmd.dll
2010-08-19 08:27 . 2010-08-19 08:27 -------- d-----w- c:\program files\Common Files\PCSuite
2010-08-19 08:27 . 2010-08-19 08:27 -------- d-----w- c:\program files\Common Files\Nokia
2010-08-19 08:26 . 2010-08-19 08:26 -------- d-----w- c:\program files\PC Connectivity Solution
2010-08-19 08:25 . 2010-08-19 07:07 36684048 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze_web.exe
2010-08-19 08:25 . 2010-08-19 08:25 95232 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\pcswpcsi.exe
2010-08-19 08:25 . 2010-08-19 08:25 8192 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstCCD.exe
2010-08-19 08:25 . 2010-08-19 08:25 61440 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-08-19 08:25 . 2010-08-19 08:25 10240 ----a-w- c:\programdata\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Installer\CommonCustomActions\UninstPCS.exe
2010-08-19 06:40 . 2010-08-19 06:40 -------- d-----w- c:\program files\Broadcom
2010-08-19 06:16 . 2007-08-29 17:38 99880 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2010-08-19 06:16 . 2007-05-17 16:38 28464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2010-08-19 06:16 . 2007-08-29 17:38 17448 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2010-08-19 06:16 . 2007-08-29 17:38 81448 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2010-08-19 06:16 . 2007-08-28 16:22 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2010-08-19 06:16 . 2010-08-19 06:16 -------- d-----w- c:\windows\system32\es-MX
2010-08-19 06:16 . 2010-08-19 06:16 -------- d-----w- c:\windows\system32\es-AR
2010-08-19 06:03 . 2010-08-19 06:03 -------- d-----w- c:\users\otulka\Bluetooth Software
2010-08-19 06:02 . 2010-08-19 06:02 -------- d-----w- c:\program files\WIDCOMM
2010-08-19 05:34 . 2010-08-19 06:50 -------- d-----w- c:\users\otulka\AppData\Roaming\PC Suite
2010-08-19 05:34 . 2010-08-19 07:03 -------- d-----w- c:\users\otulka\AppData\Roaming\Nokia
2010-08-19 05:34 . 2010-08-20 05:02 -------- d-----w- c:\programdata\PC Suite
2010-08-19 05:34 . 2010-08-19 05:34 -------- d-----w- c:\program files\DIFX
2010-08-19 05:34 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-08-19 05:34 . 2010-08-19 08:26 -------- dc----w- c:\windows\system32\DRVSTORE
2010-08-19 05:33 . 2010-02-26 12:32 92672 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-08-19 05:33 . 2010-08-19 08:27 -------- d-----w- c:\program files\Nokia
2010-08-19 05:33 . 2010-02-17 21:19 34701512 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Nokia_PC_Suite_cze_web.exe
2010-08-19 05:32 . 2010-08-19 05:32 95232 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\pcswpcsi.exe
2010-08-19 05:32 . 2010-08-19 05:32 8192 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstCCD.exe
2010-08-19 05:32 . 2010-08-19 05:32 61440 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-08-19 05:32 . 2010-08-19 05:32 10240 ----a-w- c:\programdata\Installations\{19DC9559-9C20-4A46-A67D-7ECBA52A2788}\Installer\CommonCustomActions\UninstPCS.exe
2010-08-19 05:32 . 2010-08-19 07:07 -------- d-----w- c:\programdata\Installations
2010-08-19 05:07 . 2010-08-19 05:07 -------- d---a-w- C:\CrystalDisk
2010-08-19 02:14 . 2010-08-19 02:14 -------- d-----w- c:\programdata\Nero
2010-08-19 02:14 . 2010-08-19 02:14 -------- d-----w- c:\program files\Nero
2010-08-19 02:14 . 2010-08-19 02:16 -------- d-----w- c:\program files\Common Files\Ahead
2010-08-19 01:07 . 2010-08-19 01:08 -------- d-----w- c:\users\otulka\AppData\Roaming\Myntry2010
2010-08-19 01:02 . 2010-08-19 01:08 -------- d-----w- c:\users\otulka\AppData\Local\Deployment
2010-08-19 00:55 . 2010-08-19 00:55 -------- d---a-w- c:\program files\ZvetsujeOkna
2010-08-19 00:11 . 2010-08-19 00:11 -------- d-----w- c:\windows\system32\Wat
2010-08-18 23:41 . 2010-08-18 23:51 -------- d-----w- C:\SMS
2010-08-18 23:14 . 2009-12-17 22:14 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-18 23:14 . 2009-12-17 22:09 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-08-18 23:14 . 2009-12-17 22:08 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-18 23:14 . 2010-08-18 23:14 -------- d-----w- c:\users\otulka\AppData\Roaming\TuneUp Software
2010-08-18 23:14 . 2010-08-18 23:14 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-08-18 23:13 . 2010-08-18 23:14 -------- d-----w- c:\programdata\TuneUp Software
2010-08-18 23:13 . 2010-08-18 23:13 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-18 22:25 . 2010-08-18 22:25 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-08-18 22:24 . 2010-08-18 22:24 -------- d-----w- c:\windows\PCHEALTH
2010-08-18 22:24 . 2010-08-18 22:24 -------- d-----w- c:\program files\Microsoft.NET
2010-08-18 22:24 . 2010-08-18 22:24 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-08-18 22:24 . 2010-08-18 22:24 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-08-18 22:17 . 2010-08-18 22:17 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-08-18 22:16 . 2010-08-18 22:16 -------- d-----w- c:\program files\Microsoft Analysis Services
2010-08-18 22:16 . 2010-08-18 22:16 -------- d-----w- c:\users\otulka\AppData\Local\Microsoft Help
2010-08-18 22:16 . 2010-08-20 03:48 -------- d-----w- c:\programdata\Microsoft Help
2010-08-18 21:46 . 2010-08-18 21:46 -------- d-----w- c:\windows\system32\Macromed
2010-08-18 20:38 . 2010-08-19 12:27 -------- d-----w- c:\program files\Common Files\InstallShield
2010-08-18 20:28 . 2010-08-18 20:28 -------- d-----w- c:\windows\tiinst
2010-08-18 20:27 . 2010-08-18 20:27 319488 ----a-w- c:\windows\HideWin.exe
2010-08-18 20:25 . 2007-10-02 08:17 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-08-18 20:09 . 2010-08-18 20:09 -------- d-----w- c:\programdata\Martau
2010-08-18 20:09 . 2010-08-18 20:17 -------- d-----w- c:\program files\Total Uninstall 5
2010-08-18 20:06 . 2010-08-18 20:44 -------- d-----w- c:\windows\system32\RTCOM
2010-08-18 20:02 . 2010-08-18 20:02 -------- d-----w- c:\program files\Synaptics
2010-08-18 19:55 . 2006-03-09 07:58 1060424 ----a-w- c:\windows\system32\WdfCoInstaller01000.dll
2010-08-18 19:55 . 2007-09-07 09:56 110592 ----a-w- c:\windows\system32\SynTPCo4.dll
2010-08-18 19:55 . 2007-09-07 09:28 147456 ----a-w- c:\windows\system32\SynTPAPI.dll
2010-08-18 19:55 . 2007-09-07 09:56 192816 ----a-w- c:\windows\system32\drivers\SynTP.sys
2010-08-18 19:55 . 2007-09-07 09:20 196608 ----a-w- c:\windows\system32\SynCtrl.dll
2010-08-18 19:55 . 2007-09-07 09:19 163840 ----a-w- c:\windows\system32\SynCOM.dll
2010-08-18 19:53 . 2010-08-18 20:27 319456 ----a-w- c:\windows\DIFxAPI.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-19 19:36 . 2009-07-14 08:44 625914 ----a-w- c:\windows\system32\perfh005.dat
2010-08-19 19:36 . 2009-07-14 08:44 120000 ----a-w- c:\windows\system32\perfc005.dat
2010-08-19 08:32 . 2010-08-19 08:32 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-08-19 06:50 . 2010-08-19 06:50 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-08-18 22:25 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-08-18 20:05 . 2010-08-18 20:05 -------- d-----w- c:\program files\Realtek
2010-08-18 20:05 . 2010-08-18 20:05 -------- d--h--w- c:\program files\Temp
2010-08-18 20:02 . 2010-08-18 20:02 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2010-08-18 10:44 . 2010-08-18 10:44 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf
2010-08-18 10:01 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-08-18 06:49 . 2010-08-18 06:49 -------- d-sh--we c:\programdata\Plocha
2010-08-18 06:49 . 2010-08-18 06:49 -------- d-sh--we c:\programdata\Oblíbené položky
2010-08-18 06:49 . 2010-08-18 06:49 -------- d-sh--we c:\programdata\Šablony
2010-08-18 06:49 . 2010-08-18 06:49 -------- d-sh--we c:\programdata\Nabídka Start
2010-08-18 06:49 . 2010-08-18 06:49 -------- d-sh--we c:\programdata\Dokumenty
2010-08-18 06:49 . 2010-08-18 06:49 -------- d-sh--we c:\programdata\Data aplikací
2010-08-18 06:43 . 2010-08-18 06:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-08-16 12:01 . 2010-03-28 09:41 3818116 ----a-r- C:\ComboFix.exe
2010-06-30 06:25 . 2010-08-18 09:39 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 07:04 . 2010-06-24 07:04 136120 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-06-22 02:47 . 2010-08-18 09:38 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-18 09:38 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-18 09:38 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-18 09:38 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:33 . 2010-08-18 09:38 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:23 . 2010-08-18 09:38 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-08 06:02 . 2010-08-18 09:38 1233920 ----a-w- c:\windows\system32\msxml3.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2010-02-28 00:20 561552 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ClocX"="c:\program files\ClocX\ClocX.exe" [2007-07-26 270336]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"TouchFreeze"="c:\program files\TouchFreeze\TouchFreeze.exe" [2005-04-29 45056]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-07-02 2202704]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-07 102400]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-10-13 6335008]
c:\users\otulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-8-28 739880]
proces_killer - z stupce.lnk - C:\proces_killer.exe [2010-8-18 26624]
procexp.lnk - c:\program files\procexp\procexp.exe [2010-8-18 1459776]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoSecCpl"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuSubFolders"= 0 (0x0)
"NoCommonGroups"= 0 (0x0)
"NoPrinters"= 0 (0x0)
"NoRecentDocsNetHood"= 0 (0x0)
"NoChangeAnimation"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
backup=c:\windows\pss\TMMonitor.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2007-05-10 21:46 624248 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
2007-12-18 08:15 72192 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2009-01-29 22:20 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4000 Series]
2006-09-21 02:01 139264 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\E_FATIBEE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-05-28 06:27 570664 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
2010-08-18 11:25 26624 ----a-w- c:\windows\OETRN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
2009-11-26 15:45 361976 ----a-w- c:\program files\Common Files\Acronis\Plán2\schedhlp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2009-11-26 15:44 5129128 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMonitorVMUVC]
2008-08-29 15:27 143360 ----a-w- c:\program files\Vimicro Corporation\VMUVC\VMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
R1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-05-17 28464]
R3 flash;flash;c:\windows\system32\drivers\flash.sys [2005-11-17 8064]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [2009-05-25 252416]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [2008-07-01 398720]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-19 1343400]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys [2010-08-18 911680]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-08-18 2480048]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-06-24 136120]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-07-02 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 41312]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2010-08-18 160288]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - PROCEXP100
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\users\otulka\AppData\Roaming\Mozilla\Firefox\Profiles\q4dyx3eh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - plugin: c:\progra~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\otulka\AppData\Roaming\Mozilla\Firefox\Profiles\q4dyx3eh.default\extensions\ietab@ip.cn\plugins\npCoralIETab.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'Explorer.exe'(1616)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\taskhost.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Plán2\schedul2.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\conhost.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\igfxsrvc.exe
c:\users\otulka\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2010-08-20 07:49:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-20 05:49
Před spuštěním: Volných bajtů: 55 608 946 688
Po spuštění: Volných bajtů: 55 397 789 696
- - End Of File - - 7DD89E4C7843A944F454391E095D0C2C