Mám problém s sshnas21.dll

[mpierot]

Ahoj, prosím o pomoc - počítač hlásá při spuštění následující - chyby sshnas21.dll
Můžete se mi někdo juknout na log?
Děkuju moc
Logfile of random's system information tool 1.08 (written by random/random)
Run by Petr Hozman at 2011-01-30 18:58:30
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 88 GB (47%) free of 186 GB
Total RAM: 2047 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:59:09, on 30.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\real\realplayer\update\realsched.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Petr Hozman\Downloads\RSIT.exe
C:\Program Files\trend micro\Petr Hozman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60076
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2786678
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - (no file)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\PETRHO~1\AppData\Local\Temp\Dxl.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 14344 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for Petr Hozman.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-19 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2007-02-06 151552]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SMail"=C:\Program Files\Seznam\Postak\Postak.exe [2006-05-18 450560]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-03-21 86960]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-12-02 2221352]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"Skytel"=C:\Windows\Skytel.exe [2007-03-16 1822720]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"TkBellExe"=c:\program files\real\realplayer\Update\realsched.exe [2010-11-19 274608]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-08 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"OEXPRESS"= []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"AdobeBridge"= []
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []
"Metropolis"=C:\Windows\system32\sshnas21.dll,GetHandle []
"JP595IR86O"=C:\Users\PETRHO~1\AppData\Local\Temp\Dxl.exe []
"Steam"=C:\Program Files\Steam\Steam.exe [2010-12-24 1242448]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
C:\Acer\Empowering Technology\SysMonitor.exe [2007-01-24 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
C:\Acer\AcerTour\Reminder.exe [2007-02-15 151552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2007-02-06 464168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-12-02 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2007-07-06 8466432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2007-07-06 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
C:\Windows\system32\nvsvc.dll [2007-07-06 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-03-16 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe /a /m C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2006-11-21 528384]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Petr Hozman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=227
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2011-01-30 18:58:31 ----D---- C:\Program Files\trend micro
2011-01-30 18:58:30 ----D---- C:\rsit
2011-01-12 21:01:00 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 21:00:54 ----A---- C:\Windows\system32\sdclt.exe
2011-01-12 19:22:26 ----A---- C:\Windows\system32\javaws.exe
2011-01-12 19:22:26 ----A---- C:\Windows\system32\javaw.exe
2011-01-12 19:22:26 ----A---- C:\Windows\system32\java.exe
2011-01-11 16:48:14 ----D---- C:\Program Files\Common Files\Skype
2011-01-09 16:55:44 ----D---- C:\Program Files\Conduit
2011-01-09 16:55:41 ----D---- C:\Program Files\ConduitEngine
2011-01-09 16:55:35 ----D---- C:\Program Files\uTorrentBar

======List of files/folders modified in the last 1 months======

2011-01-30 18:58:42 ----D---- C:\Windows\Prefetch
2011-01-30 18:58:40 ----D---- C:\Windows\Temp
2011-01-30 18:58:31 ----RD---- C:\Program Files
2011-01-30 18:38:40 ----D---- C:\Users\Petr Hozman\AppData\Roaming\Skype
2011-01-30 16:02:44 ----D---- C:\Users\Petr Hozman\AppData\Roaming\skypePM
2011-01-30 15:06:42 ----SHD---- C:\System Volume Information
2011-01-29 18:08:22 ----D---- C:\Windows\System32
2011-01-29 18:08:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-29 18:08:21 ----D---- C:\Windows\inf
2011-01-29 18:04:16 ----D---- C:\Program Files\Steam
2011-01-29 18:03:46 ----D---- C:\Windows\system32\Tasks
2011-01-17 15:04:32 ----D---- C:\Windows\system32\catroot2
2011-01-13 17:09:34 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-01-13 12:02:11 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 12:02:02 ----D---- C:\Windows\winsxs
2011-01-13 12:01:30 ----SHD---- C:\Windows\Installer
2011-01-13 12:01:23 ----HD---- C:\Config.Msi
2011-01-13 12:01:23 ----D---- C:\ProgramData\Microsoft Help
2011-01-13 11:57:59 ----D---- C:\Program Files\Common Files\Steam
2011-01-12 21:00:45 ----D---- C:\Windows\system32\catroot
2011-01-12 19:22:23 ----D---- C:\Program Files\Java
2011-01-11 16:48:35 ----RD---- C:\Program Files\Skype
2011-01-11 16:48:14 ----D---- C:\Program Files\Common Files
2011-01-11 16:48:02 ----D---- C:\ProgramData\Skype
2011-01-10 01:23:31 ----D---- C:\Users\Petr Hozman\AppData\Roaming\uTorrent
2011-01-07 22:15:42 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-06 15:16:18 ----D---- C:\Program Files\Picasa3
2011-01-02 03:16:22 ----D---- C:\Windows

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-10-30 8192]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 20264]
R0 PSDNServ;PSDNSERVER; C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 16680]
R0 psdvdisk;psdvdisk; C:\Windows\system32\drivers\psdvdisk.sys [2007-02-06 60712]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-19 697328]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R2 Nsynas32;Nsynas32; C:\Windows\system32\drivers\Nsynas32.sys [2001-04-09 17784]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-10 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-07-06 7568832]
R3 Ph3xIB32;Philips 713x VU PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-03-23 240128]
S3 a4n71n8q;a4n71n8q; C:\Windows\system32\drivers\a4n71n8q.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-14 2427392]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 grmnusb;Garmin USB Driver; C:\Windows\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtport.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 lgmdbus;LG Mobile driver (WDM); C:\Windows\system32\DRIVERS\lgmdbus.sys []
S3 lgmdmdfl;LG Mobile USB WMC Modem Filter; C:\Windows\system32\DRIVERS\lgmdmdfl.sys []
S3 lgmdmdm;LG Mobile USB WMC Modem Driver; C:\Windows\system32\DRIVERS\lgmdmdm.sys []
S3 lgmdmgmt;LG Mobile USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\lgmdmgmt.sys []
S3 lgmdobex;LG Mobile USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\lgmdobex.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmodem.sys []
S3 MovRVDrv32;MovRVDrv32; C:\Windows\system32\DRIVERS\MovRVDrv32.sys [2008-08-19 3768]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-02-12 47360]
S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
S3 SndTDriverV32;SndTDriverV32; C:\Windows\system32\drivers\SndTDriverV32.sys [2008-08-19 23096]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys []
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-12-29 28672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 eDataSecurity Service;eDSService.exe; C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe [2007-02-06 457512]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-01-31 53248]
R2 Fabs;FABS - Helping agent for MAGIX media database; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-09-01 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-11-22 107832]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-03-14 569344]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-11 136176]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-13 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-12-12 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-01-12 407336]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny vecer preji

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[mpierot]

Tak tady to je.. Děkuju


ComboFix 11-01-29.03 - Petr Hozman 30.01.2011 21:35:10.2.2 - x86
MicrosoftÆ Windows Vistaô Home Premium 6.0.6002.2.1250.420.1029.18.2047.959 [GMT 1:00]
SpuötÏn˝ z: c:\users\Petr Hozman\Downloads\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( OstatnÌ v˝mazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\BrowsingSoftware
c:\program files\BrowsingSoftware\BrowsingSoftware.dat
c:\program files\BrowsingSoftware\pcre3.dll
c:\program files\BrowsingSoftware\uninstall.exe
c:\program files\DoubleD
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPIEAddOn.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Internet Saving Optimizer\3.6.3.4500\adwpx.exe
c:\program files\Internet Saving Optimizer\3.6.3.4500\Data\config.md
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.6.3.4500\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.6.3.4500\unins000.dat
c:\program files\Internet Saving Optimizer\3.6.3.4500\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.3.0.790\Data\config.md
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.3.0.790\FF\chrome.manifest
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.3.0.790\FF\install.rdf
c:\program files\Media Access Startup\1.3.0.790\HPCommon.dll
c:\program files\Media Access Startup\1.3.0.790\hppx.exe
c:\program files\Media Access Startup\1.3.0.790\MAHelper.exe
c:\program files\Media Access Startup\1.3.0.790\unins000.dat
c:\program files\Media Access Startup\1.3.0.790\unins000.exe
c:\program files\Media Access Startup\1.5.4.880\Data\config.md
c:\program files\Media Access Startup\1.5.4.880\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.4.880\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.4.880\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.4.880\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.4.880\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.4.880\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.4.880\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.4.880\FF\install.rdf
c:\program files\Media Access Startup\1.5.4.880\HPCommon.dll
c:\program files\Media Access Startup\1.5.4.880\HPIEAddOn.dll
c:\program files\Media Access Startup\1.5.4.880\hppx.exe
c:\program files\Media Access Startup\1.5.4.880\MAHelper.exe
c:\program files\Media Access Startup\1.5.4.880\unins000.dat
c:\program files\Media Access Startup\1.5.4.880\unins000.exe
c:\program files\Media Access Startup\1.5.5.900\Data\config.md
c:\program files\Media Access Startup\1.5.5.900\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.5.5.900\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.5.900\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.5.900\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.5.900\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.5.900\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.5.900\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.5.900\FF\install.rdf
c:\program files\Media Access Startup\1.5.5.900\HPCommon.dll
c:\program files\Media Access Startup\1.5.5.900\hppx.exe
c:\program files\Media Access Startup\1.5.5.900\MAHelper.exe
c:\program files\Media Access Startup\1.5.5.900\unins000.dat
c:\program files\Media Access Startup\1.5.5.900\unins000.exe
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.4.940\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.4.940\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.4.940\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.4.940\ssd.dll
c:\program files\System Search Dispatcher\1.3.4.940\unins000.dat
c:\program files\System Search Dispatcher\1.3.4.940\unins000.exe
c:\program files\System Search Dispatcher\1.3.5.960\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.5.960\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.5.960\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.5.960\unins000.dat
c:\program files\System Search Dispatcher\1.3.5.960\unins000.exe
c:\users\Petr Hozman\AppData\Local\Microsoft\Windows\Temporary Internet Files\MAILTRAN.INI
c:\users\Petr Hozman\AppData\Local\Microsoft\Windows\Temporary Internet Files\TRNCOM.INI
c:\users\Petr Hozman\AppData\Local\Microsoft\Windows\Temporary Internet Files\WDICT32.INI
c:\users\Petr Hozman\AppData\Local\Microsoft\Windows\Temporary Internet Files\WTRAN32.INI
c:\users\Petr Hozman\AppData\Roaming\Local
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\10.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\11.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\12.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\13.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\14.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\15.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\16.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\17.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\18.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\19.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\20.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\21.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\22.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\23.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\24.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\25.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\26.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\27.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\28.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\29.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\30.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\31.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\32.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\33.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\34.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\35.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\5.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\6.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\7.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\8.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\9.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\aqpdthmgptyx.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\cjorrqwiweyr.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\dhdgcrlwqwpc.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\ebcapwufezzk.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\ewfpkqxwdmhj.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\f58wrxmkoqzjf.avi(2).ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\f58wrxmkoqzjf.avi(3).ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\f58wrxmkoqzjf.avi(4).ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\f58wrxmkoqzjf.avi(5).ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\f58wrxmkoqzjf.avi(6).ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\f58wrxmkoqzjf.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\idnrkkwfulfu.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\jlklqudkmmaw.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\ksiuse1glvj9d.avi(2).ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\ksiuse1glvj9d.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\ntaibbykadqo.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\ntycitialjhv.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\nvizmussmnci.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\pphbmsxzpjpx.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\qrsewxobcpvj.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\rinavmqokcru.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\soqpcbmngkgb.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\sqdtpsnaycpo.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\surdpzatvucf.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\tbvufxdksdiu.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\aiwnkhdeelmu.avi(2).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\aiwnkhdeelmu.avi(3).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\aiwnkhdeelmu.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\aqpdthmgptyx.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\awamikzvkhtc.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\cjorrqwiweyr.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\dhdgcrlwqwpc.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\ebcapwufezzk.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\ewfpkqxwdmhj.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f58wrxmkoqzjf.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f58wrxmkoqzjf.avi(2).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f58wrxmkoqzjf.avi(3).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f58wrxmkoqzjf.avi(4).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f58wrxmkoqzjf.avi(5).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\f58wrxmkoqzjf.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\idnrkkwfulfu.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\jlklqudkmmaw.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\kmwevxzodawa.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\ksiuse1glvj9d(2).avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\ksiuse1glvj9d.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\ntaibbykadqo.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\ntycitialjhv.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\nvizmussmnci.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\pphbmsxzpjpx.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\qrsewxobcpvj.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\rinavmqokcru.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\soqpcbmngkgb.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\sqdtpsnaycpo.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\surdpzatvucf.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\tbvufxdksdiu.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\udceepjyeylv.avi(2).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\udceepjyeylv.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\wntmezajvadt.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\xn1jt8hqsb7yc.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\zarkpazbbfld.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\zbbarbfrgmok.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\zfzxufxqtmvr.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\zvyoftxxbuny.avi(2).ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\zvyoftxxbuny.avi.ddp
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\zwvhvqvbplob.avi
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\wntmezajvadt.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\xn1jt8hqsb7yc.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\zarkpazbbfld.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\zbbarbfrgmok.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\zfzxufxqtmvr.avi.ddr
c:\users\Petr Hozman\AppData\Roaming\Local\Temp\DDM\Settings\zwvhvqvbplob.avi.ddr
c:\windows\system\Pncrt.dll

.
((((((((((((((((((((((((( Soubory vytvo¯enÈ od 2010-12-28 do 2011-01-30 )))))))))))))))))))))))))))))))
.

2011-01-30 20:49 . 2011-01-30 20:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-30 17:58 . 2011-01-30 17:59 -------- d-----w- c:\program files\trend micro
2011-01-30 17:58 . 2011-01-30 17:59 -------- d-----w- C:\rsit
2011-01-28 14:07 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{70AF0ABA-BD20-4A39-9683-50D1F8514D4E}\mpengine.dll
2011-01-12 20:01 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 20:00 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 20:00 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 20:00 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 20:00 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 20:00 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 20:00 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-11 15:48 . 2011-01-11 15:48 -------- d-----w- c:\program files\Common Files\Skype
2011-01-09 15:55 . 2011-01-09 15:55 -------- d-----w- c:\program files\Conduit
2011-01-09 15:55 . 2011-01-09 15:55 -------- d-----w- c:\program files\uTorrentBar

.
(((((((((((((((((((((((((((((((((((((((( Find3M v˝pis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-12 17:53 . 2010-10-04 14:19 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 00:44 . 2010-11-12 00:44 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-11-08 22:57 . 2010-11-08 22:57 353592 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2010-11-04 18:56 . 2010-12-15 19:04 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-15 19:04 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-15 19:04 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-15 19:04 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-15 19:04 171520 ----a-w- c:\windows\system32\taskeng.exe
.

(((((((((((((((((((((((((((((((((( SpouötÏcÌ body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Pozn·mka* pr·zdnÈ z·znamy a legitimnÌ v˝chozÌ ˙daje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"OEXPRESS"="" [BU]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Steam"="c:\program files\Steam\Steam.exe" [2010-12-24 1242448]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2006-05-18 450560]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-21 86960]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-12-02 2221352]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2010-11-19 274608]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-08 1226608]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]

c:\users\Petr Hozman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
VÏ˝ezy obrazovky a spuÁtÿn° aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
2007-01-24 08:27 319488 ----a-w- c:\acer\Empowering Technology\SysMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Tour Reminder]
2007-02-15 16:39 151552 ----a-w- c:\acer\AcerTour\Reminder.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
2007-02-06 22:04 464168 ----a-w- c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-12-02 13:29 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-07-06 05:15 8466432 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-07-06 05:15 81920 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-07-06 05:15 86016 ----a-w- c:\windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-03-23 11:04 4423680 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-03-16 07:06 1822720 ----a-w- c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
2006-11-05 20:48 57344 ----a-w- c:\acer\WR_PopUp\WarReg_PopUp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 136176]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys [2007-03-26 38784]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtport.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 lgmdbus;LG Mobile driver (WDM);c:\windows\system32\DRIVERS\lgmdbus.sys [x]
R3 lgmdmdfl;LG Mobile USB WMC Modem Filter;c:\windows\system32\DRIVERS\lgmdmdfl.sys [x]
R3 lgmdmdm;LG Mobile USB WMC Modem Driver;c:\windows\system32\DRIVERS\lgmdmdm.sys [x]
R3 lgmdmgmt;LG Mobile USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\lgmdmgmt.sys [x]
R3 lgmdobex;LG Mobile USB WMC OBEX Interface;c:\windows\system32\DRIVERS\lgmdobex.sys [x]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmodem.sys [x]
R3 MovRVDrv32;MovRVDrv32;c:\windows\system32\DRIVERS\MovRVDrv32.sys [2008-08-19 3768]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-19 697328]
S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S3 Ph3xIB32;Philips 713x VU PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adres·¯e 'Napl·novanÈ ˙lohy'

2011-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 10:45]

2011-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 10:45]

2011-01-30 c:\windows\Tasks\Norton Security Scan for Petr Hozman.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-11-15 08:48]
.
.
------- DoplÚkov˝ sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://cs.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Petr Hozman\AppData\Roaming\Mozilla\Firefox\Profiles\w1uvc63s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2786678&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: network.proxy.type - 2
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video
FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
.
- - - - NEPLATN… POLOéKY ODSTRANÃN… Z REGISTRU - - - -

HKCU-Run-AdobeBridge - (no file)
HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
HKCU-Run-Metropolis - c:\windows\system32\sshnas21.dll
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
AddRemove-BrowsingSoftware - c:\program files\BrowsingSoftware\uninstall.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.5.900\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.6.3.4500\unins000.exe
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.3.5.960\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-30 21:53
Windows 6.0.6002 Service Pack 2 NTFS

skenov·nÌ skryt˝ch proces˘ ...

skenov·nÌ skryt˝ch poloûek 'Po spuötÏnÌ' ...

skenov·nÌ skryt˝ch soubor˘ ...

sken byl ˙speönÏ dokonËen
skrytÈ soubory: 0

**************************************************************************
.
--------------------- ZAMKNUT… KLÕ»E V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ JinÈ spuötenÈ procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\acer\Empowering Technology\eDataSecurity\eDSService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkov˝ Ëas: 2011-01-30 22:00:37 - poËÌtaË byl restartov·n
ComboFix-quarantined-files.txt 2011-01-30 21:00
ComboFix2.txt 2008-11-01 16:31

P¯ed spuötÏnÌm: Voln˝ch bajt˘: 91†914†878†976
Po spuötÏnÌ: Voln˝ch bajt˘: 94†429†519†872

- - End Of File - - 348560BD2EC7D7B8902443718295D5D6

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  File::
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  C:\Windows\tasks\Norton Security Scan for Petr Hozman.job
  C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
  C:\Windows\tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job
  
  Folder::
  C:\Program Files\DAEMON Tools Toolbar
  C:\Program Files\MSN Toolbar\
  C:\Program Files\uTorrentBar
  
  
  Registry::
  
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{EF99BD32-C1FB-11D2-892F-0090271D4F88}"=-
  "{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
  "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
  "{8dcb7100-df86-4384-8842-8fa844297b3f"=-
  "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
  "{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "ISUSPM Startup"=-
  "OEXPRESS"="-
  "DAEMON Tools Lite"=-
  "Steam"=-
  "Skype"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "QuickTime Task"=-
  "Adobe Reader Speed Launcher"=-
  "Adobe ARM"=-
  "AdobeAAMUpdater-1.0"=-
  "TkBellExe"=-
  "HP Software Update"=-
  "DivXUpdate"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
  "DisableMonitoring"=dword:00000000
  [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
  [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci