Kontrola logu-zpomalené stahování z internetu

Zpráva

matejr · #1 Příspěvek od **matejr** » 03 pro 2010 21:55

Dobrý den prosím o kontrolu logu.Vždycky jsem stahoval rychlostí cca 1600kb/s a nyní z ničeho nic už asi týden nedostanu z DAP více než 260 kb/s.Musí být nějaký problém u mě protože švagr je napojen se mnou do sítě a jede mu to v pohodě cca těch 1600 kb/s přes DAP.Díky za všechny rady,log přikládám.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Roman Matějek at 2010-12-03 21:53:37
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 31 GB (20%) free of 153 GB
Total RAM: 2047 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:54:04, on 3.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Fighters\sfagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Cheetah Burner\Cheetah DVD Burner\NMSAccess.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Fighters\sfus.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fighters\FighterSuiteService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\DAP\DAP.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Roman Matějek\Plocha\Stažené\RSIT.exe
C:\Program Files\trend micro\Roman Matějek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: SBCONVERT - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Program Files\SpeedBit Video Downloader\TBU2A\tbcore3.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SearchPredictObj Class - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SBCONVERT - {A1056498-D09A-41E4-864B-505EDD640D9E} - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Download Accelerator Plus Integration - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O2 - BHO: GrabberObj Class - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\SPEEDB~2\TBU2A\grabber.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: SpeedBit Video Downloader - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Program Files\SpeedBit Video Downloader\TBU2A\tbcore3.dll
O3 - Toolbar: Sopcast Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [sfagent] C:\Program Files\Fighters\sfagent.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [IETI] C:\Program Files\Skype\Phone\IEPlugin\unins000.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART (User 'Default user')
O4 - Startup: setup_9.0.0.722_03.12.2010_18-17.lnk = ?
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Přelož do češtiny - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5034
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Hledej v &Seznamu - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5033
O8 - Extra context menu item: Hledej v Seznam &Fulltextu - res://C:\Program Files\Seznam\Listicka\Toolbar.dll/5035
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} -
O16 - DPF: {1B3F4474-0BCC-436A-8D0D-796C5D5AAB5D} -
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} -
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\Cheetah Burner\Cheetah DVD Burner\NMSAccess.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\Fighters\sfus.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files\Fighters\FighterSuiteService.exe

--
End of file - 14852 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\DriverCure.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\ParetoLogic Update Version2.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{1149DA1D-631F-4CB7-BB0E-EB7CC5AB3029}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-02-17 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
SBCONVERT Class - C:\Program Files\SpeedBit Video Downloader\TBU2A\tbcore3.dll [2010-11-27 2447360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-08-26 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]
SearchPredictObj Class - C:\PROGRA~1\SEARCH~1\SEARCH~1.DLL [2010-02-28 435688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1056498-D09A-41E4-864B-505EDD640D9E}]
SBCONVERT Class - C:\Program Files\SpeedBit Video Downloader\Toolbar\SpeedBitVideoDownloader.dll [2010-04-04 41984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Sopcast Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
Download Accelerator Plus Integration - C:\PROGRA~1\DAP\DAPIEL~1.DLL [2010-11-27 141568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF7C3CF0-4B15-11D1-ABED-709549C10000}]
GrabberObj Class - C:\PROGRA~1\SPEEDB~2\TBU2A\grabber.dll [2010-11-27 186632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Lištička - C:\Program Files\Seznam\Listicka\Toolbar.dll [2005-11-04 790528]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-02-17 491520]
{0329E7D6-6F54-462D-93F6-F5C3118BADF2} - SpeedBit Video Downloader - C:\Program Files\SpeedBit Video Downloader\TBU2A\tbcore3.dll [2010-11-27 2447360]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Sopcast Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"=TWEAKUI.CPL,TweakMeUp []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"sfagent"=C:\Program Files\Fighters\sfagent.exe [2010-10-21 760968]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-11-11 421160]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-10-08 47904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-09-02 13351304]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"WLSetupSvc"=3
"UleadBurningHelper"=2
"TuneUp.UtilitiesSvc"=2
"TuneUp.Defrag"=3
"StarWindServiceAE"=2
"ServiceLayer"=3
"ose"=3
"O&O Defrag"=2
"NBService"=3
"LightScribeService"=2
"gusvc"=3
"Capture Device Service"=2

C:\Documents and Settings\Roman Matějek\Nabídka Start\Programy\Po spuštění
setup_9.0.0.722_03.12.2010_18-17.lnk - C:\Documents and Settings\Roman Matějek\Plocha\Virus Removal Tool\setup_9.0.0.722_03.12.2010_18-17\startup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-09-11 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tdssserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdssserv.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"
"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe"="C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers(TM) - Revenge of the Fallen(TM)"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Firewall GUI"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2010-12-03 17:24:07 ----A---- C:\WINDOWS\system32\drivers\51789782.sys
2010-12-03 17:24:07 ----A---- C:\WINDOWS\system32\drivers\51789781.sys
2010-12-03 17:24:07 ----A---- C:\WINDOWS\system32\drivers\5178978.sys
2010-11-14 22:01:25 ----D---- C:\Program Files\Mirečka prezentace
2010-11-13 10:45:02 ----D---- C:\Program Files\iPod
2010-11-13 10:34:56 ----D---- C:\Program Files\Safari
2010-11-11 20:39:38 ----D---- C:\Program Files\Common Files\DESIGNER
2010-11-11 20:07:49 ----D---- C:\Program Files\Fighters
2010-11-11 20:07:31 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Fighters
2010-11-11 20:07:06 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{1BBDB15E-BE9E-4EEA-8849-CB176F3F62A4}
2010-11-11 20:04:56 ----D---- C:\Documents and Settings\Roman Matějek\Data aplikací\Fighters
2010-11-10 21:38:58 ----A---- C:\WINDOWS\system32\msonpmon.dll
2010-11-10 21:33:30 ----D---- C:\Program Files\Microsoft Works
2010-11-10 21:32:37 ----D---- C:\Program Files\Microsoft Visual Studio
2010-11-10 21:31:20 ----D---- C:\Program Files\Microsoft.NET
2010-11-10 21:20:50 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-11-10 21:17:58 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-10 21:14:29 ----RHDC---- C:\MSOCache
2010-11-06 15:16:46 ----SHDC---- C:\Documents and Settings\All Users\Data aplikací\DSS
2010-11-06 14:15:43 ----D---- C:\Program Files\Electronic Arts
2010-11-05 22:27:14 ----D---- C:\Documents and Settings\Roman Matějek\Data aplikací\DAEMON Tools Lite
2010-11-05 22:26:48 ----DC---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite

======List of files/folders modified in the last 1 months======

2010-12-03 21:53:52 ----D---- C:\Program Files\trend micro
2010-12-03 21:52:00 ----D---- C:\WINDOWS\Temp
2010-12-03 21:37:33 ----D---- C:\Documents and Settings\Roman Matějek\Data aplikací\Skype
2010-12-03 21:36:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-03 21:36:17 ----D---- C:\WINDOWS\system32\drivers
2010-12-03 21:35:31 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2010-12-03 21:35:09 ----AD---- C:\WINDOWS
2010-12-03 21:08:42 ----D---- C:\Documents and Settings\Roman Matějek\Data aplikací\skypePM
2010-12-03 21:05:31 ----D---- C:\WINDOWS\system32
2010-12-03 21:02:26 ----AC---- C:\rapport.txt
2010-12-03 20:43:12 ----A---- C:\WINDOWS\system32\tmp.txt
2010-12-03 20:11:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-12-03 20:08:34 ----D---- C:\WINDOWS\Debug
2010-12-03 17:35:29 ----SHD---- C:\System Volume Information
2010-12-03 17:28:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-03 17:24:32 ----HD---- C:\WINDOWS\inf
2010-12-03 17:11:02 ----D---- C:\WINDOWS\system32\config
2010-11-30 19:04:41 ----ADC---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-11-30 19:00:14 ----D---- C:\Program Files\DAP
2010-11-28 13:35:21 ----D---- C:\Documents and Settings\Roman Matějek\Data aplikací\dvdcss
2010-11-28 12:39:29 ----AD---- C:\Program Files
2010-11-27 20:02:48 ----D---- C:\Program Files\Uniblue
2010-11-27 15:15:01 ----DC---- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2010-11-27 15:15:00 ----D---- C:\Program Files\SpeedBit Video Downloader
2010-11-27 15:15:00 ----D---- C:\Program Files\SearchPredict
2010-11-21 21:16:28 ----D---- C:\WINDOWS\Prefetch
2010-11-20 19:21:23 ----DC---- C:\Config.Msi
2010-11-20 19:21:22 ----SHD---- C:\WINDOWS\Installer
2010-11-20 19:21:22 ----D---- C:\WINDOWS\WinSxS
2010-11-20 19:16:51 ----RSD---- C:\WINDOWS\assembly
2010-11-20 19:14:48 ----D---- C:\WINDOWS\system32\DirectX
2010-11-20 19:14:27 ----D---- C:\WINDOWS\Logs
2010-11-20 18:36:36 ----D---- C:\Program Files\Activision
2010-11-19 21:12:29 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-11-19 21:12:23 ----D---- C:\Documents and Settings\Roman Matějek\Data aplikací\Media Player Classic
2010-11-19 21:10:34 ----D---- C:\Program Files\Micro DVD Player
2010-11-18 19:02:54 ----D---- C:\Program Files\Mirečka - Sociální pedagogika
2010-11-15 21:31:40 ----D---- C:\Program Files\PowerArchiver
2010-11-13 10:46:08 ----D---- C:\Program Files\iTunes
2010-11-13 10:44:59 ----D---- C:\Program Files\Common Files\Apple
2010-11-13 10:40:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-13 09:52:41 ----D---- C:\Program Files\Easy CD-DA Extractor 12
2010-11-13 09:51:48 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Easy CD-DA Extractor
2010-11-13 09:51:45 ----D---- C:\WINDOWS\Easy CD-DA Extractor 12.0.4
2010-11-12 23:25:28 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-11 21:07:56 ----RSD---- C:\WINDOWS\Fonts
2010-11-11 21:07:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-11-11 21:04:02 ----AC---- C:\WINDOWS\win.ini
2010-11-11 21:04:00 ----D---- C:\Program Files\Common Files\System
2010-11-11 20:41:08 ----SD---- C:\Documents and Settings\Roman Matějek\Data aplikací\Microsoft
2010-11-11 20:39:38 ----AD---- C:\Program Files\Common Files
2010-11-11 20:11:10 ----D---- C:\WINDOWS\system32\CatRoot
2010-11-11 20:09:29 ----D---- C:\WINDOWS\system32\wbem
2010-11-10 21:44:08 ----D---- C:\WINDOWS\ShellNew
2010-11-10 21:32:56 ----D---- C:\Program Files\Microsoft Office
2010-11-10 21:31:20 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-11-10 21:10:12 ----AC---- C:\WINDOWS\system32\MRT.exe
2010-11-06 13:55:47 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-11-06 13:50:34 ----D---- C:\Program Files\DAEMON Tools Lite

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 51789782;51789782 Boot Guard Driver; C:\WINDOWS\system32\DRIVERS\51789782.sys [2009-10-22 37392]
R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2009-12-02 64288]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-07-06 72896]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-05 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 51789781;51789781; C:\WINDOWS\system32\DRIVERS\51789781.sys [2009-09-25 128016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [2006-08-25 25244]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392]
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2005-10-16 12928]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 72624]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-07-06 79232]
R1 setup_9.0.0.722_03.12.2010_18-17drv;setup_9.0.0.722_03.12.2010_18-17drv; C:\WINDOWS\system32\DRIVERS\5178978.sys [2009-10-09 315408]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-12-01 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-12-01 25888]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-03-20 3960000]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2007-11-30 97216]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-09-11 5417472]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2006-12-15 34760]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-28 116736]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-11-24 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-11-24 12928]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-02-01 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-01-12 10368]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
S0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-04-24 100736]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 TinaKey;TinaKey; C:\WINDOWS\system32\drivers\TinaKey.sys []
S3 a79gm8ph;a79gm8ph; C:\WINDOWS\system32\drivers\a79gm8ph.sys []
S3 abixpf3f;abixpf3f; C:\WINDOWS\system32\drivers\abixpf3f.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.SYS []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\WNt500x86\Sandra.sys []
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-09-11 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LicCtrlService;LicCtrl Service; C:\WINDOWS\runservice.exe [2010-10-30 16384]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 NMSAccess;NMSAccess; C:\Program Files\Cheetah Burner\Cheetah DVD Burner\NMSAccess.exe [2005-12-07 45056]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-21 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-08-21 103736]
R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\Fighters\sfus.exe [2010-10-21 189064]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe [2007-04-26 1234480]
R2 Suite Service;Suite Service; C:\Program Files\Fighters\FighterSuiteService.exe [2010-10-21 1130120]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-11-11 820008]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-02-25 593920]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-16 136176]
S2 Mysee2_Runtime;Mysee2_Runtime; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-28 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S4 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S4 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-01-03 435016]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-13 1021256]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-01-18 67056]
S4 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 04 pro 2010 10:13

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

matejr · #3 Příspěvek od **matejr** » 04 pro 2010 14:51

Ok vyzkouším a dam vědet.Zatím díky

matejr · #4 Příspěvek od **matejr** » 04 pro 2010 15:24

Vkládám log z Combofixu

ComboFix 10-12-03.03 - Roman Matějek 04.12.2010 15:04:55.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1482 [GMT 1:00]
Spuštěný z: c:\documents and settings\Roman Matějek\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\badcdrepair\WhenUUninst.exe
c:\program files\RegGenie
c:\program files\RegGenie\Backups\40167,9210825347
c:\program files\RegGenie\RegGenie.ini
c:\program files\SpeedBit Video Downloader\Toolbar\tbhelper.dll
c:\windows\system32\tmp.reg
c:\windows\w32dasm8.ini

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-04 do 2010-12-04 )))))))))))))))))))))))))))))))
.

2010-12-03 16:24 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\51789782.sys
2010-12-03 16:24 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\5178978.sys
2010-12-03 16:24 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\51789781.sys
2010-11-20 17:51 . 2010-11-20 17:51 -------- d-----w- c:\documents and settings\Roman Matějek\Local Settings\Data aplikací\Activision
2010-11-14 21:01 . 2010-11-28 11:44 -------- d-----w- c:\program files\Mirečka prezentace
2010-11-13 13:24 . 2010-11-13 13:24 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\Apple Computer
2010-11-13 10:14 . 2010-11-13 10:14 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Apple Computer
2010-11-13 09:45 . 2010-11-13 09:45 -------- d-----w- c:\program files\iPod
2010-11-13 09:34 . 2010-11-13 09:35 -------- d-----w- c:\program files\Safari
2010-11-11 19:07 . 2010-12-04 13:56 -------- d-----w- c:\program files\Fighters
2010-11-11 19:07 . 2010-11-11 19:08 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Fighters
2010-11-11 19:07 . 2010-11-11 19:09 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{1BBDB15E-BE9E-4EEA-8849-CB176F3F62A4}
2010-11-11 19:04 . 2010-11-11 19:07 -------- d-----w- c:\documents and settings\Roman Matějek\Data aplikací\Fighters
2010-11-11 19:04 . 2010-11-11 19:04 -------- d-----w- c:\documents and settings\Roman Matějek\Local Settings\Data aplikací\PackageAware
2010-11-10 20:38 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-11-10 20:38 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-11-10 20:33 . 2010-11-11 20:07 -------- d-----w- c:\program files\Microsoft Works
2010-11-10 20:31 . 2010-11-10 20:31 -------- d-----w- c:\program files\Microsoft.NET
2010-11-10 20:20 . 2010-11-10 20:20 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-11-10 20:18 . 2010-11-10 20:18 -------- d-----w- c:\documents and settings\Roman Matějek\Local Settings\Data aplikací\Microsoft Help
2010-11-10 20:17 . 2010-11-12 16:58 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2010-11-10 20:14 . 2010-11-10 20:14 -------- dc----r- C:\MSOCache
2010-11-06 14:16 . 2010-11-06 14:16 -------- dcsh--w- c:\documents and settings\All Users\Data aplikací\DSS
2010-11-06 13:15 . 2010-11-14 20:08 -------- d-----w- c:\program files\Electronic Arts
2010-11-05 21:27 . 2010-11-06 12:54 -------- d-----w- c:\documents and settings\Roman Matějek\Data aplikací\DAEMON Tools Lite
2010-11-05 21:26 . 2010-11-05 21:27 -------- dc----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:42 . 2009-03-30 17:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 16:42 . 2009-03-30 17:07 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-05 21:27 . 2006-01-13 21:09 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-30 19:27 . 2010-10-30 19:27 48640 ----a-w- c:\windows\mmfs.dll
2010-10-30 19:27 . 2010-10-30 19:27 249856 ----a-w- c:\windows\lcmmfu.cpl
2010-10-30 19:27 . 2010-10-30 19:27 16384 ----a-w- c:\windows\runservice.exe
2010-10-29 10:35 . 2010-10-29 10:34 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-10-13 19:46 . 2010-10-13 19:46 3584 ----a-r- c:\documents and settings\Roman Matějek\Data aplikací\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2010-09-28 14:44 . 2010-10-14 15:54 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-28 14:44 . 2010-10-14 15:54 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-09-25 19:54 . 2008-02-28 19:48 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-25 19:54 . 2008-02-28 19:48 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-18 10:23 . 2001-10-25 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2001-10-25 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-10-25 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-10-25 12:00 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-11 02:19 . 2005-12-31 00:03 5417472 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-09-11 01:57 . 2009-08-14 01:21 57344 ----a-w- c:\windows\system32\aticalrt.dll
2010-09-11 01:57 . 2009-08-14 01:20 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-09-11 01:56 . 2009-08-14 01:19 4419584 ----a-w- c:\windows\system32\aticaldd.dll
2010-09-11 01:54 . 2008-09-06 03:09 16248832 ----a-w- c:\windows\system32\atioglxx.dll
2010-09-11 01:50 . 2009-09-01 14:57 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-09-11 01:43 . 2009-09-01 14:57 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-09-11 01:42 . 2005-12-31 00:03 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-09-11 01:39 . 2005-12-31 00:03 3942880 ----a-w- c:\windows\system32\ati3duag.dll
2010-09-11 01:29 . 2008-09-06 02:23 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-09-11 01:26 . 2008-09-06 03:56 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-09-11 01:26 . 2008-09-06 03:56 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-09-11 01:26 . 2008-09-06 03:56 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-09-11 01:26 . 2008-09-06 03:56 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-09-11 01:26 . 2008-09-06 03:55 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-09-11 01:25 . 2005-12-31 00:03 2669312 ----a-w- c:\windows\system32\ativvaxx.dll
2010-09-11 01:25 . 2008-09-06 03:54 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-09-11 01:24 . 2008-09-06 03:52 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-09-11 01:23 . 2010-04-18 18:48 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-09-11 01:19 . 2008-09-06 03:05 634880 ----a-w- c:\windows\system32\atikvmag.dll
2010-09-11 01:18 . 2008-09-06 03:03 192512 ----a-w- c:\windows\system32\atiadlxx.dll
2010-09-11 01:17 . 2008-09-06 03:03 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-09-11 01:13 . 2005-12-31 00:03 696320 ----a-w- c:\windows\system32\ati2cqag.dll
2010-09-11 01:11 . 2009-08-14 01:25 64512 ----a-w- c:\windows\system32\atimpc32.dll
2010-09-11 01:11 . 2008-09-06 03:09 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2010-09-11 01:11 . 2008-09-06 03:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-09-10 05:52 . 2002-09-20 16:05 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2002-09-20 16:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-10 05:52 . 2002-09-20 16:04 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 15:12 . 2010-08-09 18:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2005-12-29 20:21 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2005-12-29 20:21 46672 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2008-04-01 17:23 165584 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2005-12-29 20:21 23376 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2005-12-29 20:21 100176 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2005-12-29 20:21 94544 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2008-04-01 17:23 17744 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2005-12-29 20:21 28880 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2009-03-31 19:58 . 2009-03-31 19:58 60526 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2009-03-31 19:58 . 2009-03-31 19:58 49256 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2009-03-31 19:58 . 2009-03-31 19:58 166000 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2008-04-14 03:22 60416 -csha-w- c:\windows\ServicePackFiles\i386\msimn.exe
.

------- Sigcheck -------

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-11-27 14:15 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\TBU2A\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 106544]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-24 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"sfagent"="c:\program files\Fighters\sfagent.exe" [2010-10-21 760968]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-10 421160]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"UleadBurningHelper"=2 (0x2)
"TuneUp.UtilitiesSvc"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"StarWindServiceAE"=2 (0x2)
"ServiceLayer"=3 (0x3)
"ose"=3 (0x3)
"O&O Defrag"=2 (0x2)
"NBService"=3 (0x3)
"LightScribeService"=2 (0x2)
"gusvc"=3 (0x3)
"Capture Device Service"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"Start WingMan Profiler"="c:\program files\Logitech\Profiler\lwemon.exe" /noui
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"BrowserChoice"="c:\windows\system32\browserchoice.exe" /run
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" /STARTUP
"QuickTime Task"="c:\windows\system32\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"MP10_EnsureFileVer"=c:\windows\inf\unregmp2.exe /EnsureFileVersions
"SoundMan"=SOUNDMAN.EXE
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"B2C_AGENT"=c:\documents and settings\All Users\Data aplikací\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 51789782;51789782 Boot Guard Driver;c:\windows\system32\drivers\51789782.sys [3.12.2010 17:24 37392]
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [19.1.2006 20:22 160640]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [28.12.2009 22:04 64288]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.1.2006 22:09 691696]
R1 51789781;51789781;c:\windows\system32\drivers\51789781.sys [3.12.2010 17:24 128016]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.4.2008 18:23 165584]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 9:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 9:21 72624]
R1 setup_9.0.0.722_03.12.2010_18-17drv;setup_9.0.0.722_03.12.2010_18-17drv;c:\windows\system32\drivers\5178978.sys [3.12.2010 17:24 315408]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.4.2008 18:23 17744]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21.10.2010 13:44 189064]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26.4.2007 9:21 1234480]
R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [21.10.2010 13:44 1130120]
S0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [19.1.2006 20:22 5248]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16.4.2010 18:39 136176]
S2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [30.10.2010 20:27 16384]
S2 Mysee2_Runtime;Mysee2_Runtime;c:\windows\System32\svchost.exe -k mysee2 [25.10.2001 13:00 14336]
S2 TinaKey;TinaKey; [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [13.11.2009 9:49 1021256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
mysee2 REG_MULTI_SZ Mysee2_Runtime

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-12-04 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-11-13 08:54]

2010-01-10 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-04-26 12:44]

2010-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 17:38]

2010-12-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 17:38]

2010-12-03 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2010-04-30 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]

2010-12-03 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 14:50]

2010-12-04 c:\windows\Tasks\User_Feed_Synchronization-{1149DA1D-631F-4CB7-BB0E-EB7CC5AB3029}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Přelož do češtiny - c:\program files\Seznam\Listicka\Toolbar.dll/5034
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Hledej v &Seznamu - c:\program files\Seznam\Listicka\Toolbar.dll/5033
IE: Hledej v Seznam &Fulltextu - c:\program files\Seznam\Listicka\Toolbar.dll/5035
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873}
DPF: {1B3F4474-0BCC-436A-8D0D-796C5D5AAB5D}
FF - ProfilePath - c:\documents and settings\Roman Matějek\Data aplikací\Mozilla\Firefox\Profiles\addqhfqk.default\
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\SpeedBit Video Downloader\SPFireFox\components\Engine.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMySrch.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - c:\program files\SpeedBit Video Downloader\SPFireFox
FF - Extension: Download Accelerator Plus (DAP) extension: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - c:\program files\DAP\DAPFireFox
.
.
------- Asociace souborů -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKU-Default-RunOnce-IETI - c:\program files\Skype\Phone\IEPlugin\unins000.exe
SafeBoot-WudfPf
SafeBoot-WudfRd

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-04 15:16
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \D25BC253F035D347]
"1"=hex:6a,0b,56,13,c1,93,dc,9c,fb,61,a2,a0,e4,ff,91,20,60,bf,2f,c2,35,91,ae,
25
"2"=hex:fb,e6,50,7f,41,f4,51,a7,7f,ec,2d,f9,42,45,3a,02,3a,b7,45,15,3f,9d,8b,
c3
"3"=hex:6a,0b,56,13,c1,93,dc,9c,fb,61,a2,a0,e4,ff,91,20,5d,f5,58,d1,21,e0,48,
8b,38,57,44,9c,4e,8d,78,88,fd,f1,01,9d,86,d8,b5,cb,d9,bf,23,55,4a,bb,31,1f

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \D25BC253F035D347\0BB4AB33ED50D261F5C8A2C244CF5435]
"1"=hex:df,c7,3a,96,ab,66,13,d2,36,78,6c,b8,10,1c,c4,b0,41,14,92,53,8b,f4,9f,
53,ff,8f,6c,08,d5,ab,f1,06
"2"=hex:7d,73,4a,d4,1d,ee,c7,5a
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:97,e4,84,cd,95,83,bf,82,bd,04,75,27,c9,a8,72,b1,55,38,49,8a,a6,16,a2,
28,28,eb,ee,eb,0f,d6,d6,b8,f4,df,4a,8d,b5,18,4f,2a,0d,c4,ee,cf,81,df,fe,df,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,2e,4e,96,8c,7e,a3,52,
64,3a,77,a0,c6,f3,8c,f2,ae,2e,ea,bc,14,1c,92,a4,c2,43,3d,0b,78,bd,76,70,3e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:b6,dd,00,4d,9d,38,11,d1
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1468)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-12-04 15:22:20
ComboFix-quarantined-files.txt 2010-12-04 14:22

Před spuštěním: Volných bajtů: 31 574 462 464
Po spuštění: Volných bajtů: 31 818 878 976

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer

- - End Of File - - BCFC6C86F4D43970953F2984451E5090

#5 Příspěvek od **Rudy** » 04 pro 2010 15:47

Ještě dočistíme. otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\system32\drivers\51789782.sys
c:\windows\system32\drivers\5178978.sys
c:\windows\system32\drivers\51789781.sys

Driver::
51789782
51789781
5178978

Folder::
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

FCopy::
c:\windows\system32\dllcache\atapi.sys | c:\windows\system32\drivers\atapi.sys

matejr · #6 Příspěvek od **matejr** » 04 pro 2010 17:35

Dobře,skopíroval jsem do notepadu a co dál?

#7 Příspěvek od **Rudy** » 05 pro 2010 10:00

matejr píše:Dobře,skopíroval jsem do notepadu a co dál?

Promiňte, zapoměl jsem to dokončit, tlačil mne včera čas. Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

matejr · #8 Příspěvek od **matejr** » 05 pro 2010 12:54

Dokončeno,vkládám další log

ComboFix 10-12-04.01 - Roman Matějek 05.12.2010 12:17:34.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1321 [GMT 1:00]
Spuštěný z: c:\documents and settings\Roman Matějek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Roman Matějek\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *enabled* {BFD080F6-3BF0-40E1-9507-9CA969C35870}

file zipped: c:\windows\system32\drivers\5178978.sys
file zipped: c:\windows\system32\drivers\51789781.sys
file zipped: c:\windows\system32\drivers\51789782.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\windows\system32\drivers\5178978.sys
c:\windows\system32\drivers\51789781.sys
c:\windows\system32\drivers\51789782.sys

.
--------------- FCopy ---------------

c:\windows\system32\dllcache\atapi.sys --> c:\windows\system32\drivers\atapi.sys
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_51789781
-------\Legacy_51789782
-------\Service_51789781
-------\Service_51789782
-------\Legacy_setup_9.0.0.722_03.12.2010_18-17drv
-------\Service_setup_9.0.0.722_03.12.2010_18-17drv

((((((((((((((((((((((((( Soubory vytvořené od 2010-11-05 do 2010-12-05 )))))))))))))))))))))))))))))))
.

2010-12-05 11:03 . 2010-12-05 11:03 -------- d-----w- c:\windows\LastGood.Tmp
2010-12-04 19:05 . 2010-12-04 19:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Adobe
2010-12-04 17:26 . 2010-12-04 17:26 -------- d-----w- c:\documents and settings\Roman Matějek\Data aplikací\Windows Desktop Search
2010-12-04 16:55 . 2010-12-05 11:04 -------- d-----w- c:\program files\Windows Desktop Search
2010-12-04 16:53 . 2008-03-07 17:02 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2010-12-04 16:53 . 2008-03-07 17:02 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2010-12-04 16:53 . 2008-03-07 17:02 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2010-11-20 17:51 . 2010-11-20 17:51 -------- d-----w- c:\documents and settings\Roman Matějek\Local Settings\Data aplikací\Activision
2010-11-14 21:01 . 2010-11-28 11:44 -------- d-----w- c:\program files\Mirečka prezentace
2010-11-13 13:24 . 2010-11-13 13:24 -------- d-----w- c:\documents and settings\NetworkService\Data aplikací\Apple Computer
2010-11-13 10:14 . 2010-11-13 10:14 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Apple Computer
2010-11-13 09:45 . 2010-11-13 09:45 -------- d-----w- c:\program files\iPod
2010-11-13 09:34 . 2010-11-13 09:35 -------- d-----w- c:\program files\Safari
2010-11-11 19:07 . 2010-12-05 11:01 -------- d-----w- c:\program files\Fighters
2010-11-11 19:07 . 2010-11-11 19:08 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Fighters
2010-11-11 19:07 . 2010-11-11 19:09 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{1BBDB15E-BE9E-4EEA-8849-CB176F3F62A4}
2010-11-11 19:04 . 2010-11-11 19:07 -------- d-----w- c:\documents and settings\Roman Matějek\Data aplikací\Fighters
2010-11-11 19:04 . 2010-11-11 19:04 -------- d-----w- c:\documents and settings\Roman Matějek\Local Settings\Data aplikací\PackageAware
2010-11-10 20:38 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2010-11-10 20:38 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-11-10 20:33 . 2010-11-11 20:07 -------- d-----w- c:\program files\Microsoft Works
2010-11-10 20:31 . 2010-11-10 20:31 -------- d-----w- c:\program files\Microsoft.NET
2010-11-10 20:20 . 2010-11-10 20:20 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-11-10 20:18 . 2010-11-10 20:18 -------- d-----w- c:\documents and settings\Roman Matějek\Local Settings\Data aplikací\Microsoft Help
2010-11-10 20:17 . 2010-11-12 16:58 -------- dc----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2010-11-10 20:14 . 2010-11-10 20:14 -------- dc----r- C:\MSOCache
2010-11-06 14:16 . 2010-11-06 14:16 -------- dcsh--w- c:\documents and settings\All Users\Data aplikací\DSS
2010-11-06 13:15 . 2010-11-14 20:08 -------- d-----w- c:\program files\Electronic Arts
2010-11-05 21:27 . 2010-11-06 12:54 -------- d-----w- c:\documents and settings\Roman Matějek\Data aplikací\DAEMON Tools Lite
2010-11-05 21:26 . 2010-11-05 21:27 -------- dc----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 16:42 . 2009-03-30 17:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-29 16:42 . 2009-03-30 17:07 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-05 21:27 . 2006-01-13 21:09 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-30 19:27 . 2010-10-30 19:27 48640 ----a-w- c:\windows\mmfs.dll
2010-10-30 19:27 . 2010-10-30 19:27 249856 ----a-w- c:\windows\lcmmfu.cpl
2010-10-30 19:27 . 2010-10-30 19:27 16384 ----a-w- c:\windows\runservice.exe
2010-10-29 10:35 . 2010-10-29 10:34 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-10-13 19:46 . 2010-10-13 19:46 3584 ----a-r- c:\documents and settings\Roman Matějek\Data aplikací\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2010-09-28 14:44 . 2010-10-14 15:54 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-09-28 14:44 . 2010-10-14 15:54 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-09-25 19:54 . 2008-02-28 19:48 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-25 19:54 . 2008-02-28 19:48 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-18 10:23 . 2001-10-25 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2001-10-25 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2001-10-25 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2001-10-25 12:00 953856 ------w- c:\windows\system32\mfc40u.dll
2010-09-11 02:19 . 2005-12-31 00:03 5417472 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-09-11 01:57 . 2009-08-14 01:21 57344 ----a-w- c:\windows\system32\aticalrt.dll
2010-09-11 01:57 . 2009-08-14 01:20 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-09-11 01:56 . 2009-08-14 01:19 4419584 ----a-w- c:\windows\system32\aticaldd.dll
2010-09-11 01:54 . 2008-09-06 03:09 16248832 ----a-w- c:\windows\system32\atioglxx.dll
2010-09-11 01:50 . 2009-09-01 14:57 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-09-11 01:43 . 2009-09-01 14:57 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-09-11 01:42 . 2005-12-31 00:03 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-09-11 01:39 . 2005-12-31 00:03 3942880 ----a-w- c:\windows\system32\ati3duag.dll
2010-09-11 01:29 . 2008-09-06 02:23 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-09-11 01:26 . 2008-09-06 03:56 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-09-11 01:26 . 2008-09-06 03:56 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-09-11 01:26 . 2008-09-06 03:56 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-09-11 01:26 . 2008-09-06 03:56 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-09-11 01:26 . 2008-09-06 03:55 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-09-11 01:25 . 2005-12-31 00:03 2669312 ----a-w- c:\windows\system32\ativvaxx.dll
2010-09-11 01:25 . 2008-09-06 03:54 606208 ----a-w- c:\windows\system32\ati2evxx.exe
2010-09-11 01:24 . 2008-09-06 03:52 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-09-11 01:23 . 2010-04-18 18:48 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-09-11 01:19 . 2008-09-06 03:05 634880 ----a-w- c:\windows\system32\atikvmag.dll
2010-09-11 01:18 . 2008-09-06 03:03 192512 ----a-w- c:\windows\system32\atiadlxx.dll
2010-09-11 01:17 . 2008-09-06 03:03 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-09-11 01:13 . 2005-12-31 00:03 696320 ----a-w- c:\windows\system32\ati2cqag.dll
2010-09-11 01:11 . 2009-08-14 01:25 64512 ----a-w- c:\windows\system32\atimpc32.dll
2010-09-11 01:11 . 2008-09-06 03:09 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2010-09-11 01:11 . 2008-09-06 03:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-09-10 05:52 . 2002-09-20 16:05 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2002-09-20 16:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-10 05:52 . 2002-09-20 16:04 43520 ------w- c:\windows\system32\licmgr10.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 15:12 . 2010-08-09 18:12 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2005-12-29 20:21 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2005-12-29 20:21 46672 -c--a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2008-04-01 17:23 165584 -c--a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2005-12-29 20:21 23376 -c--a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2005-12-29 20:21 100176 -c--a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2005-12-29 20:21 94544 -c--a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2008-04-01 17:23 17744 -c--a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2005-12-29 20:21 28880 -c--a-w- c:\windows\system32\drivers\aavmker4.sys
2009-03-31 19:58 . 2009-03-31 19:58 60526 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2009-03-31 19:58 . 2009-03-31 19:58 49256 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2009-03-31 19:58 . 2009-03-31 19:58 166000 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2008-04-14 03:22 60416 -csha-w- c:\windows\ServicePackFiles\i386\msimn.exe
.

------- Sigcheck -------

[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 18:40 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
[7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3017FB3E-9A77-4396-88C5-0EC9548FB42F}]
2010-11-27 14:15 2447360 ----a-w- c:\program files\SpeedBit Video Downloader\TBU2A\tbcore3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{389943B0-C3A2-4E69-82CB-8596A84CB3DC}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 106544]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-24 98304]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"sfagent"="c:\program files\Fighters\sfagent.exe" [2010-10-21 760968]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-10 421160]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-10-08 47904]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WLSetupSvc"=3 (0x3)
"UleadBurningHelper"=2 (0x2)
"TuneUp.UtilitiesSvc"=2 (0x2)
"TuneUp.Defrag"=3 (0x3)
"StarWindServiceAE"=2 (0x2)
"ServiceLayer"=3 (0x3)
"ose"=3 (0x3)
"O&O Defrag"=2 (0x2)
"NBService"=3 (0x3)
"LightScribeService"=2 (0x2)
"gusvc"=3 (0x3)
"Capture Device Service"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"Start WingMan Profiler"="c:\program files\Logitech\Profiler\lwemon.exe" /noui
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"BrowserChoice"="c:\windows\system32\browserchoice.exe" /run
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"HPDJ Taskbar Utility"=c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" /STARTUP
"QuickTime Task"="c:\windows\system32\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"MP10_EnsureFileVer"=c:\windows\inf\unregmp2.exe /EnsureFileVersions
"SoundMan"=SOUNDMAN.EXE
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"B2C_AGENT"=c:\documents and settings\All Users\Data aplikací\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2009\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [19.1.2006 20:22 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [19.1.2006 20:22 5248]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [28.12.2009 22:04 64288]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.1.2006 22:09 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.4.2008 18:23 165584]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.4.2007 9:21 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.4.2007 9:21 72624]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.4.2008 18:23 17744]
R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe [30.10.2010 20:27 16384]
R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\Fighters\sfus.exe [21.10.2010 13:44 189064]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe [26.4.2007 9:21 1234480]
R2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [21.10.2010 13:44 1130120]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [16.4.2010 18:39 136176]
S2 Mysee2_Runtime;Mysee2_Runtime;c:\windows\System32\svchost.exe -k mysee2 [25.10.2001 13:00 14336]
S2 TinaKey;TinaKey; [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [13.11.2009 9:49 1021256]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
mysee2 REG_MULTI_SZ Mysee2_Runtime

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-12-05 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-11-13 08:54]

2010-01-10 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-04-26 12:44]

2010-12-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 17:38]

2010-12-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-16 17:38]

2010-12-04 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-13 14:59]

2010-04-30 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-13 14:59]

2010-12-05 c:\windows\Tasks\User_Feed_Synchronization-{1149DA1D-631F-4CB7-BB0E-EB7CC5AB3029}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Přelož do češtiny - c:\program files\Seznam\Listicka\Toolbar.dll/5034
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Hledej v &Seznamu - c:\program files\Seznam\Listicka\Toolbar.dll/5033
IE: Hledej v Seznam &Fulltextu - c:\program files\Seznam\Listicka\Toolbar.dll/5035
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873}
DPF: {1B3F4474-0BCC-436A-8D0D-796C5D5AAB5D}
FF - ProfilePath - c:\documents and settings\Roman Matějek\Data aplikací\Mozilla\Firefox\Profiles\addqhfqk.default\
FF - component: c:\program files\DAP\DAPFireFox\components\DAPFireFox.dll
FF - component: c:\program files\SpeedBit Video Downloader\SPFireFox\components\Engine.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMySrch.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Photosynth\npPhotosynthMozilla.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\Veetle\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: SpeedBit Video Downloader: {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - c:\program files\SpeedBit Video Downloader\SPFireFox
FF - Extension: Download Accelerator Plus (DAP) extension: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - c:\program files\DAP\DAPFireFox
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-05 12:39
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \D25BC253F035D347]
"1"=hex:6a,0b,56,13,c1,93,dc,9c,fb,61,a2,a0,e4,ff,91,20,60,bf,2f,c2,35,91,ae,
25
"2"=hex:fb,e6,50,7f,41,f4,51,a7,7f,ec,2d,f9,42,45,3a,02,3a,b7,45,15,3f,9d,8b,
c3
"3"=hex:6a,0b,56,13,c1,93,dc,9c,fb,61,a2,a0,e4,ff,91,20,5d,f5,58,d1,21,e0,48,
8b,38,57,44,9c,4e,8d,78,88,fd,f1,01,9d,86,d8,b5,cb,d9,bf,23,55,4a,bb,31,1f

[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \D25BC253F035D347\0BB4AB33ED50D261F5C8A2C244CF5435]
"1"=hex:df,c7,3a,96,ab,66,13,d2,36,78,6c,b8,10,1c,c4,b0,41,14,92,53,8b,f4,9f,
53,ff,8f,6c,08,d5,ab,f1,06
"2"=hex:7d,73,4a,d4,1d,ee,c7,5a
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:97,e4,84,cd,95,83,bf,82,bd,04,75,27,c9,a8,72,b1,55,38,49,8a,a6,16,a2,
28,28,eb,ee,eb,0f,d6,d6,b8,f4,df,4a,8d,b5,18,4f,2a,0d,c4,ee,cf,81,df,fe,df,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,2e,4e,96,8c,7e,a3,52,
64,3a,77,a0,c6,f3,8c,f2,ae,2e,ea,bc,14,1c,92,a4,c2,43,3d,0b,78,bd,76,70,3e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:b6,dd,00,4d,9d,38,11,d1
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1016)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(324)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Cheetah Burner\Cheetah DVD Burner\NMSAccess.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Sunbelt Software\Personal Firewall\kpf4gui.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\msiexec.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Celkový čas: 2010-12-05 12:47:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-05 11:47
ComboFix2.txt 2010-12-04 14:22

Před spuštěním: Volných bajtů: 35 277 692 928
Po spuštění: Volných bajtů: 35 287 101 440

- - End Of File - - 0EAAE11B5733BDE6A97DF0F4B2F78646

#9 Příspěvek od **Rudy** » 05 pro 2010 17:15

Smazáno. Jak to vypadá nyní se stahováním?

matejr · #10 Příspěvek od **matejr** » 06 pro 2010 21:13

Dobrý den.Stahování pořád stejné,bohužel jsem se dozvěděl,že ta chyba je u mého providera.Každopádně mnohokrát děkuju za pročištění PC.

#11 Příspěvek od **Rudy** » 06 pro 2010 21:17

Rádo se stalo!

VIRY.CZ

Kontrola logu-zpomalené stahování z internetu

Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu

Re: Kontrola logu-zpomalené stahování z internetu