Prosím o kontrolu - dlouhé starty, zpomalení PC, IE, FF, ...

[JohnnyM]

Prosím o kontrolu - dlouhé starty,
tím jsem si asi vinen částečně sám,

ale v poslední době se mi dlouho načítají stránky, a to už tak, že je to citelně nepříjemné
a je jedno zda používám FF nebo zkouším IE...
Často je v těch chvílích prakticky nepoužitelný celý komp, poté je už v mnoha chvílkách línej a línější
Není to co bejvávalo... Prosím o preventivní kontrolu, jestli jsem něco nechytil... Dííky
---

Logfile of random's system information tool 1.08 (written by random/random)
Run by CR at 2011-02-09 19:57:15
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 4 GB (11%) free of 37 GB
Total RAM: 1983 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:43, on 9.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Common Files\Cloanto\Software Manager\softmngr.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\SmartClock\SmartClock.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\RSIT - začátek proti virům\RSIT.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\trend micro\CR.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
R3 - URLSearchHook: fullscreensavers Toolbar - {fae389d5-e97e-4abd-8242-d9080c709167} - C:\Program Files\fullscreensavers\tbful0.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O2 - BHO: fullscreensavers Toolbar - {fae389d5-e97e-4abd-8242-d9080c709167} - C:\Program Files\fullscreensavers\tbful0.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: fullscreensavers Toolbar - {fae389d5-e97e-4abd-8242-d9080c709167} - C:\Program Files\fullscreensavers\tbful0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [CloantoSoftwareManager] "C:\Program Files\Common Files\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [SmartClock] C:\Program Files\SmartClock\SmartClock.exe /boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Beeline L2TP.lnk = ?
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{866BE9F6-F191-4718-9519-8808183D2497}: NameServer = 212.109.32.5 212.109.32.9
O17 - HKLM\System\CS1\Services\Tcpip\..\{10B998D5-AACC-4B56-9E87-1F22C1A769A5}: NameServer = 10.0.0.138,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{10B998D5-AACC-4B56-9E87-1F22C1A769A5}: NameServer = 10.0.0.138,208.67.222.222
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 10613 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-27 381656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-01-18 1414808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fae389d5-e97e-4abd-8242-d9080c709167}]
fullscreensavers Toolbar - C:\Program Files\fullscreensavers\tbful0.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{fae389d5-e97e-4abd-8242-d9080c709167} - fullscreensavers Toolbar - C:\Program Files\fullscreensavers\tbful0.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-25 8491008]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"CloantoSoftwareManager"=C:\Program Files\Common Files\Cloanto\Software Manager\softmngr.exe [2010-12-07 324712]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-01-27 273544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartClock"=C:\Program Files\SmartClock\SmartClock.exe [2003-04-26 880128]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled

C:\Documents and Settings\CR\Nabídka Start\Programy\Po spuštění
Beeline L2TP.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"F:\PROGRAMY\INSTALOVANÉ\PROHLÍŽEČE\OperaPortable1010\OperaPortable\opera10.exe"="F:\PROGRAMY\INSTALOVANÉ\PROHLÍŽEČE\OperaPortable1010\OperaPortable\opera10.exe:*:Enabled:Opera Internet Browser"
"F:\SKAAJJPP\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe"="F:\SKAAJJPP\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\PROGRAMY\Internetová komunikace\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe"="F:\PROGRAMY\Internetová komunikace\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\PROGRAMY (noC)\PROHLÍŽEČE\OperaPortable1010\OperaPortable\opera10.exe"="F:\PROGRAMY (noC)\PROHLÍŽEČE\OperaPortable1010\OperaPortable\opera10.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"F:\PROGRAMY (noC)\Internetová komunikace\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe"="F:\PROGRAMY (noC)\Internetová komunikace\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\Programy - P2P, RS, TOR, atd [HIDE F]\sdc2.21\StrongDC.exe"="F:\Programy - P2P, RS, TOR, atd [HIDE F]\sdc2.21\StrongDC.exe:*:Enabled:StrongDC++"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\www.cproxy.com\CPROXY.exe"="C:\Program Files\www.cproxy.com\CPROXY.exe:*:Enabled:CPROXY.com"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2011-02-09 19:04:23 ----D---- C:\Program Files\trend micro
2011-02-09 19:04:21 ----D---- C:\rsit
2011-02-09 18:59:53 ----D---- C:\RSIT - začátek proti virům
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbdkor.dll
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbd103.dll
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbd101c.dll
2011-02-05 23:36:37 ----A---- C:\WINDOWS\system32\kbd101b.dll
2011-02-05 23:36:36 ----A---- C:\WINDOWS\system32\kbd106.dll
2011-01-29 22:50:44 ----D---- C:\Program Files\ConduitEngine
2011-01-29 22:50:44 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-01-29 22:49:48 ----D---- C:\Program Files\Conduit
2011-01-29 22:49:45 ----D---- C:\Program Files\fullscreensavers
2011-01-28 09:22:25 ----A---- C:\WINDOWS\trio_log.txt
2011-01-27 22:21:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\YoWindow
2011-01-27 21:58:16 ----D---- C:\Program Files\Common Files\xing shared
2011-01-27 21:58:02 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2011-01-27 21:57:53 ----A---- C:\WINDOWS\system32\pndx5032.dll
2011-01-27 21:57:53 ----A---- C:\WINDOWS\system32\pndx5016.dll
2011-01-27 21:57:45 ----D---- C:\Program Files\Real
2011-01-27 21:57:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2011-01-27 21:57:35 ----D---- C:\Documents and Settings\CR\Data aplikací\Real
2011-01-27 14:52:14 ----D---- C:\WINDOWS\Temp9E5B73DA-959F-633C-4C65-A2AF835D24C0-Signatures
2011-01-27 14:52:03 ----D---- C:\Program Files\Microsoft Security Client
2011-01-27 09:22:06 ----D---- C:\Program Files\CCleaner
2011-01-21 20:45:33 ----D---- C:\Program Files\www.cproxy.com
2011-01-13 15:13:46 ----D---- C:\Program Files\SopCast
2011-01-12 00:10:37 ----A---- C:\WINDOWS\system32\trio_log.txt
2011-01-12 00:10:34 ----D---- C:\Program Files\W3i, LLC
2011-01-12 00:01:23 ----D---- C:\Documents and Settings\CR\Data aplikací\com.w3i.FlipToast
2011-01-12 00:01:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-12 00:01:14 ----D---- C:\Program Files\fliptoast
2011-01-12 00:01:12 ----D---- C:\Program Files\Adobe
2011-01-12 00:01:09 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-01-11 23:59:46 ----D---- C:\Program Files\KwiClick LLC
2011-01-11 23:36:53 ----D---- C:\Program Files\FullScreensavers.com
2011-01-11 08:47:43 ----D---- C:\Program Files\Space Trip 3D Screensaver

======List of files/folders modified in the last 1 months======

2011-02-09 19:58:43 ----D---- C:\WINDOWS\Temp
2011-02-09 19:58:11 ----D---- C:\WINDOWS\Prefetch
2011-02-09 19:51:53 ----SD---- C:\WINDOWS\Tasks
2011-02-09 19:47:20 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-09 19:44:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-09 19:04:23 ----D---- C:\Program Files
2011-02-08 18:33:38 ----D---- C:\WINDOWS\system32
2011-02-05 23:37:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-05 23:36:45 ----D---- C:\WINDOWS
2011-02-05 23:20:40 ----D---- C:\Documents and Settings\CR\Data aplikací\dvdcss
2011-02-05 00:09:02 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-01 14:51:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-31 18:53:32 ----D---- C:\Documents and Settings\CR\Data aplikací\Mozilla
2011-01-27 23:01:57 ----D---- C:\Program Files\Spyware Terminator
2011-01-27 22:01:28 ----D---- C:\Program Files\Mozilla Firefox
2011-01-27 21:58:21 ----SHD---- C:\WINDOWS\Installer
2011-01-27 21:58:21 ----SHD---- C:\Config.Msi
2011-01-27 21:58:16 ----D---- C:\Program Files\Common Files
2011-01-27 21:57:52 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-01-27 21:57:48 ----A---- C:\WINDOWS\system32\msvcr71.dll
2011-01-27 17:13:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-01-27 16:11:23 ----D---- C:\Documents and Settings\CR\Data aplikací\Spyware Terminator
2011-01-27 16:06:04 ----D---- C:\Program Files\Unlocker
2011-01-27 14:52:41 ----D---- C:\WINDOWS\system32\drivers
2011-01-27 14:52:41 ----D---- C:\WINDOWS\inf
2011-01-27 14:51:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-27 14:46:44 ----D---- C:\WINDOWS\WinSxS
2011-01-27 13:24:54 ----SHD---- C:\System Volume Information
2011-01-27 13:16:50 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-01-27 09:40:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2011-01-27 09:26:50 ----D---- C:\WINDOWS\Debug
2011-01-25 12:13:15 ----A---- C:\WINDOWS\win.ini
2011-01-23 22:15:19 ----A---- C:\WINDOWS\AviSplitter.INI
2011-01-21 15:42:48 ----D---- C:\Program Files\The KMPlayer
2011-01-13 10:47:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-12 00:01:21 ----D---- C:\Documents and Settings\CR\Data aplikací\Adobe
2011-01-10 12:22:25 ----D---- C:\Programy (zatimC)

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKslbc3d6c51;MpKslbc3d6c51; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C89E6DC9-C3D3-4616-BFC3-8094FEADA8EE}\MpKslbc3d6c51.sys []
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-12-10 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\drivers\btkrnl.sys [2007-12-10 879624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-10-25 6864736]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2007-11-17 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2007-11-17 22016]
R3 nvsmu;nvsmu; C:\WINDOWS\System32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 MpKsl5f1177c7;MpKsl5f1177c7; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1AE66FB-317A-4885-BEF5-BA32EDEF878D}\MpKsl5f1177c7.sys []
S1 MpKsl6d432b59;MpKsl6d432b59; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9B3E93C4-2143-4BFE-998C-B85A2713E03C}\MpKsl6d432b59.sys []
S1 MpKsl7c796186;MpKsl7c796186; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsl7c796186.sys []
S1 MpKsle52fc7ab;MpKsle52fc7ab; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsle52fc7ab.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-12-10 539512]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-12-10 156392]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-12-10 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-12-10 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-12-10 74688]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PAC7302;PAC7302 VGA USB Camera; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-12-06 264800]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-10-25 155716]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-19 488960]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-12 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloantoSoftwareManager] "C:\Program Files\Common Files\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)

HJT najdeš zde :

C:\Program Files\trend micro\CR.exe

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj ICQ6Toolbar a jeden antivir nejlépe Microsoft Security Client.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

[JohnnyM]

Udělal jsem vše,
+ omlouvám se, ale v HJT sem fixnul i položky Fullscrensavers.com snad jsem tím ničemu neuškodil

přikládám výpis z ComboFix a nové RSIT...

Mám dotaz, vadí že mám na kompu Avast free a MSE? Myslel jsem, že tyhle dva múžou vedle sebe existovat... že každý dělá přecjenom trochu jinou práci, ale poslední dobou se Avast stále ptá na soubory, které vypadají, že patří pod MSE..

Děkuji za rady, musím odběhnout, ale přijdu

[JohnnyM]

Logfile of random's system information tool 1.08 (written by random/random)
Run by CR at 2011-02-10 09:51:35
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 4 GB (11%) free of 37 GB
Total RAM: 1983 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:51:38, on 10.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\RSIT - začátek proti virům\RSIT.exe
C:\Program Files\trend micro\CR.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [SmartClock] C:\Program Files\SmartClock\SmartClock.exe /boot
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Startup: Beeline L2TP.lnk = ?
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Zobrazit originál - C:\Program Files\www.cproxy.com\original.htm
O8 - Extra context menu item: Zobrazit vše jako originál - C:\Program Files\www.cproxy.com\originalAll.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{866BE9F6-F191-4718-9519-8808183D2497}: NameServer = 212.109.32.5 212.109.32.9
O17 - HKLM\System\CS1\Services\Tcpip\..\{10B998D5-AACC-4B56-9E87-1F22C1A769A5}: NameServer = 10.0.0.138,208.67.222.222
O17 - HKLM\System\CS3\Services\Tcpip\..\{10B998D5-AACC-4B56-9E87-1F22C1A769A5}: NameServer = 10.0.0.138,208.67.222.222
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8748 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-27 381656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files\Seznam.cz\listicka.dll [2010-01-18 1414808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-25 8491008]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartClock"=C:\Program Files\SmartClock\SmartClock.exe [2003-04-26 880128]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled

C:\Documents and Settings\CR\Nabídka Start\Programy\Po spuštění
Beeline L2TP.lnk -

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"F:\PROGRAMY (noC)\PROHLÍŽEČE\OperaPortable1010\OperaPortable\opera10.exe"="F:\PROGRAMY (noC)\PROHLÍŽEČE\OperaPortable1010\OperaPortable\opera10.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"F:\PROGRAMY (noC)\Internetová komunikace\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe"="F:\PROGRAMY (noC)\Internetová komunikace\SkypePortable_4.1\SkypePortable\App\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\Programy - P2P, RS, TOR, atd [HIDE F]\sdc2.21\StrongDC.exe"="F:\Programy - P2P, RS, TOR, atd [HIDE F]\sdc2.21\StrongDC.exe:*:Enabled:StrongDC++"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
"C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\www.cproxy.com\CPROXY.exe"="C:\Program Files\www.cproxy.com\CPROXY.exe:*:Enabled:CPROXY.com"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2011-02-10 09:46:09 ----A---- C:\ComboFix.txt
2011-02-10 09:38:29 ----A---- C:\Boot.bak
2011-02-10 09:38:24 ----RASHD---- C:\cmdcons
2011-02-10 09:37:01 ----A---- C:\WINDOWS\zip.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\SWSC.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\SWREG.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\sed.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\PEV.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\NIRCMD.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\MBR.exe
2011-02-10 09:37:01 ----A---- C:\WINDOWS\grep.exe
2011-02-10 09:36:51 ----D---- C:\WINDOWS\ERDNT
2011-02-10 09:36:31 ----D---- C:\Qoobox
2011-02-09 19:04:23 ----D---- C:\Program Files\trend micro
2011-02-09 19:04:21 ----D---- C:\rsit
2011-02-09 18:59:53 ----D---- C:\RSIT - začátek proti virům
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbdkor.dll
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbd103.dll
2011-02-05 23:36:38 ----A---- C:\WINDOWS\system32\kbd101c.dll
2011-02-05 23:36:37 ----A---- C:\WINDOWS\system32\kbd101b.dll
2011-02-05 23:36:36 ----A---- C:\WINDOWS\system32\kbd106.dll
2011-01-29 22:50:44 ----D---- C:\Program Files\ConduitEngine
2011-01-29 22:50:44 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-01-29 22:49:48 ----D---- C:\Program Files\Conduit
2011-01-29 22:49:45 ----D---- C:\Program Files\fullscreensavers
2011-01-27 22:21:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\YoWindow
2011-01-27 21:58:16 ----D---- C:\Program Files\Common Files\xing shared
2011-01-27 21:58:02 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2011-01-27 21:57:53 ----A---- C:\WINDOWS\system32\pndx5032.dll
2011-01-27 21:57:53 ----A---- C:\WINDOWS\system32\pndx5016.dll
2011-01-27 21:57:45 ----D---- C:\Program Files\Real
2011-01-27 21:57:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2011-01-27 21:57:35 ----D---- C:\Documents and Settings\CR\Data aplikací\Real
2011-01-27 14:52:14 ----D---- C:\WINDOWS\Temp9E5B73DA-959F-633C-4C65-A2AF835D24C0-Signatures
2011-01-27 14:52:03 ----D---- C:\Program Files\Microsoft Security Client
2011-01-27 09:22:06 ----D---- C:\Program Files\CCleaner
2011-01-21 20:45:33 ----D---- C:\Program Files\www.cproxy.com
2011-01-13 15:13:46 ----D---- C:\Program Files\SopCast
2011-01-12 00:10:37 ----A---- C:\WINDOWS\system32\trio_log.txt
2011-01-12 00:10:34 ----D---- C:\Program Files\W3i, LLC
2011-01-12 00:01:23 ----D---- C:\Documents and Settings\CR\Data aplikací\com.w3i.FlipToast
2011-01-12 00:01:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-12 00:01:14 ----D---- C:\Program Files\fliptoast
2011-01-12 00:01:12 ----D---- C:\Program Files\Adobe
2011-01-12 00:01:09 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-01-11 23:36:53 ----D---- C:\Program Files\FullScreensavers.com
2011-01-11 08:47:43 ----D---- C:\Program Files\Space Trip 3D Screensaver

======List of files/folders modified in the last 1 months======

2011-02-10 09:51:04 ----D---- C:\WINDOWS\Prefetch
2011-02-10 09:46:21 ----D---- C:\WINDOWS\Temp
2011-02-10 09:43:49 ----AD---- C:\WINDOWS
2011-02-10 09:43:49 ----A---- C:\WINDOWS\system.ini
2011-02-10 09:43:26 ----D---- C:\WINDOWS\system32\drivers\etc
2011-02-10 09:42:57 ----D---- C:\WINDOWS\system32
2011-02-10 09:41:20 ----D---- C:\WINDOWS\system32\drivers
2011-02-10 09:41:20 ----D---- C:\WINDOWS\AppPatch
2011-02-10 09:41:17 ----D---- C:\Program Files\Common Files
2011-02-10 09:38:29 ----RASH---- C:\boot.ini
2011-02-10 09:37:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-10 09:37:08 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-09 22:06:27 ----SHD---- C:\WINDOWS\Installer
2011-02-09 22:06:25 ----D---- C:\Config.Msi
2011-02-09 22:06:24 ----D---- C:\Program Files
2011-02-09 19:51:53 ----SD---- C:\WINDOWS\Tasks
2011-02-05 23:37:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-05 23:20:40 ----D---- C:\Documents and Settings\CR\Data aplikací\dvdcss
2011-02-05 00:09:02 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-01 14:51:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-31 18:53:32 ----D---- C:\Documents and Settings\CR\Data aplikací\Mozilla
2011-01-27 23:01:57 ----D---- C:\Program Files\Spyware Terminator
2011-01-27 22:01:28 ----D---- C:\Program Files\Mozilla Firefox
2011-01-27 21:57:52 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-01-27 21:57:48 ----A---- C:\WINDOWS\system32\msvcr71.dll
2011-01-27 17:13:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-01-27 16:11:23 ----D---- C:\Documents and Settings\CR\Data aplikací\Spyware Terminator
2011-01-27 16:06:04 ----D---- C:\Program Files\Unlocker
2011-01-27 14:52:41 ----D---- C:\WINDOWS\inf
2011-01-27 14:51:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-27 14:46:44 ----D---- C:\WINDOWS\WinSxS
2011-01-27 13:24:54 ----SHD---- C:\System Volume Information
2011-01-27 13:16:50 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-01-27 09:40:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2011-01-27 09:26:50 ----D---- C:\WINDOWS\Debug
2011-01-25 12:13:15 ----A---- C:\WINDOWS\win.ini
2011-01-23 22:15:19 ----A---- C:\WINDOWS\AviSplitter.INI
2011-01-21 15:42:48 ----D---- C:\Program Files\The KMPlayer
2011-01-13 10:47:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-12 00:01:21 ----D---- C:\Documents and Settings\CR\Data aplikací\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\System32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKslbc3d6c51;MpKslbc3d6c51; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C89E6DC9-C3D3-4616-BFC3-8094FEADA8EE}\MpKslbc3d6c51.sys []
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-12-10 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\drivers\btkrnl.sys [2007-12-10 879624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-10-25 6864736]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2007-11-17 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2007-11-17 22016]
R3 nvsmu;nvsmu; C:\WINDOWS\System32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 MpKsl5f1177c7;MpKsl5f1177c7; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1AE66FB-317A-4885-BEF5-BA32EDEF878D}\MpKsl5f1177c7.sys []
S1 MpKsl6d432b59;MpKsl6d432b59; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9B3E93C4-2143-4BFE-998C-B85A2713E03C}\MpKsl6d432b59.sys []
S1 MpKsl7c796186;MpKsl7c796186; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsl7c796186.sys []
S1 MpKsle52fc7ab;MpKsle52fc7ab; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsle52fc7ab.sys []
S2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-12-10 539512]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-12-10 156392]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-12-10 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-12-10 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-12-10 74688]
S3 catchme;catchme; \??\C:\DOCUME~1\CR\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PAC7302;PAC7302 VGA USB Camera; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-12-06 264800]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-09 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-10-25 155716]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-19 488960]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-12 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[JohnnyM]

ComboFix 11-02-09.03 - CR 10.02.2011 9:39.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1983.1351 [GMT 2:00]
Spuštěný z: c:\documents and settings\CR\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\CR\Data aplikací\.#
c:\documents and settings\CR\Data aplikací\.#\MBX@1324@3D4000.###
c:\documents and settings\CR\Data aplikací\.#\MBX@1324@3D4030.###
c:\windows\daemon.dll
c:\windows\ST6UNST.000
c:\windows\system32\office.exe
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-10 do 2011-02-10 )))))))))))))))))))))))))))))))
.

2011-02-09 17:58 . 2011-02-09 17:58 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C89E6DC9-C3D3-4616-BFC3-8094FEADA8EE}\MpKslbc3d6c51.sys
2011-02-09 17:57 . 2011-01-12 23:41 5890896 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C89E6DC9-C3D3-4616-BFC3-8094FEADA8EE}\mpengine.dll
2011-02-09 17:04 . 2011-02-10 07:21 -------- d-----w- c:\program files\trend micro
2011-02-09 17:04 . 2011-02-09 17:58 -------- d-----w- C:\rsit
2011-02-09 16:59 . 2011-02-09 17:00 -------- d-----w- C:\RSIT - začátek proti virům
2011-02-05 21:36 . 2001-08-18 04:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-02-05 21:36 . 2001-08-18 04:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2011-02-05 21:36 . 2001-08-18 04:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2011-02-05 21:36 . 2001-08-18 04:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2011-02-05 21:36 . 2001-08-17 20:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-02-05 21:36 . 2001-08-17 20:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2011-02-05 21:36 . 2008-04-14 06:48 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2011-02-05 21:36 . 2008-04-14 06:48 6144 ----a-w- c:\windows\system32\kbd106.dll
2011-01-29 20:51 . 2008-07-19 07:55 23960598 ----a-w- c:\windows\Space Sunrise 3D.scr
2011-01-29 20:50 . 2011-01-29 20:50 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-01-29 20:49 . 2011-01-29 20:49 -------- d-----w- c:\documents and settings\CR\Local Settings\Data aplikací\Conduit
2011-01-29 20:49 . 2011-01-29 20:49 -------- d-----w- c:\program files\Conduit
2011-01-29 20:49 . 2011-01-30 12:09 -------- d-----w- c:\documents and settings\CR\Local Settings\Data aplikací\fullscreensavers
2011-01-29 20:49 . 2011-02-10 07:22 -------- d-----w- c:\program files\fullscreensavers
2011-01-27 21:12 . 2011-01-27 21:12 4992894 ----a-w- c:\windows\Matrix.scr
2011-01-27 20:21 . 2011-01-27 21:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YoWindow
2011-01-27 19:58 . 2011-01-27 19:58 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-01-27 19:58 . 2011-01-27 19:58 -------- d-----w- c:\program files\Common Files\xing shared
2011-01-27 19:58 . 2011-01-27 19:58 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-01-27 19:57 . 2011-01-27 19:57 100864 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-01-27 19:57 . 2011-01-27 19:58 -------- d-----w- c:\program files\Real
2011-01-27 12:52 . 2011-01-27 12:52 -------- d-----w- c:\windows\Temp9E5B73DA-959F-633C-4C65-A2AF835D24C0-Signatures
2011-01-27 12:52 . 2011-01-27 12:54 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-27 07:22 . 2011-02-10 07:32 -------- d-----w- c:\program files\CCleaner
2011-01-21 18:45 . 2011-01-21 18:47 -------- d-----w- c:\program files\www.cproxy.com
2011-01-13 13:13 . 2011-01-13 13:13 -------- d-----w- c:\program files\SopCast
2011-01-11 22:10 . 2011-01-11 22:10 -------- d-----w- c:\program files\W3i, LLC
2011-01-11 22:01 . 2011-01-11 22:06 -------- d-----w- c:\documents and settings\CR\Data aplikací\com.w3i.FlipToast
2011-01-11 22:01 . 2011-01-11 22:06 -------- d-----w- c:\program files\fliptoast
2011-01-11 22:01 . 2011-01-11 22:01 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-01-11 22:00 . 2011-01-11 22:00 -------- d-----w- c:\documents and settings\CR\Local Settings\Data aplikací\Adobe
2011-01-11 21:36 . 2011-01-11 21:36 -------- d-----w- c:\program files\FullScreensavers.com

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-27 19:57 . 2008-06-19 19:34 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-13 08:47 . 2010-12-15 21:26 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-12-15 21:26 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-12-15 21:26 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-12-15 21:26 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-12-15 21:26 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-12-15 21:26 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-12-15 21:26 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-12-15 21:26 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-12-15 21:26 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-12 23:41 . 2010-02-20 19:49 5890896 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-01-05 12:48 . 2011-01-05 12:49 1206272 ----a-w- c:\windows\TimeZone.scr
2010-12-06 20:54 . 2010-12-06 20:52 249856 ------w- c:\windows\Setup1.exe
2010-12-06 20:54 . 2010-12-06 20:52 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-11-21 23:07 . 2010-11-21 23:07 203576 ----a-w- c:\windows\system32\richtx32.ocx
2010-11-21 23:07 . 2010-11-21 23:07 124688 ----a-w- c:\windows\system32\mswinsck.ocx
2009-01-15 17:43 . 2009-01-15 17:43 339968 ----a-w- c:\program files\setup.OOo-3_0.exe
2009-01-15 17:43 . 2009-01-15 17:43 1821008 ----a-w- c:\program files\instmsiw.exe
2009-01-15 17:43 . 2009-01-15 17:43 1707856 ----a-w- c:\program files\instmsia.exe
2009-01-15 17:43 . 2009-01-15 17:43 9296384 ----a-w- c:\program files\openofficeorg30.msi
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartClock"="c:\program files\SmartClock\SmartClock.exe" [2003-04-26 880128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-24 8491008]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\CR\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Beeline L2TP.lnk - [N/A]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Bluetooth.lnk - c:\program files\Belkin\Bluetooth Software\BTTray.exe [N/A]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"f:\\PROGRAMY (noC)\\PROHLÍŽEČE\\OperaPortable1010\\OperaPortable\\opera10.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"f:\\PROGRAMY (noC)\\Internetová komunikace\\SkypePortable_4.1\\SkypePortable\\App\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"f:\\Programy - P2P, RS, TOR, atd [HIDE F]\\sdc2.21\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [7.2.2009 22:16 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [7.2.2009 22:16 5248]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15.12.2010 23:26 294608]
R1 MpKslbc3d6c51;MpKslbc3d6c51;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{C89E6DC9-C3D3-4616-BFC3-8094FEADA8EE}\MpKslbc3d6c51.sys [9.2.2011 19:58 28752]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [23.4.2007 13:03 82200]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.1.2010 0:38 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.12.2010 23:26 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [12.7.2009 22:30 222456]
S1 MpKsl5f1177c7;MpKsl5f1177c7;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1AE66FB-317A-4885-BEF5-BA32EDEF878D}\MpKsl5f1177c7.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1AE66FB-317A-4885-BEF5-BA32EDEF878D}\MpKsl5f1177c7.sys [?]
S1 MpKsl6d432b59;MpKsl6d432b59;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9B3E93C4-2143-4BFE-998C-B85A2713E03C}\MpKsl6d432b59.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9B3E93C4-2143-4BFE-998C-B85A2713E03C}\MpKsl6d432b59.sys [?]
S1 MpKsl7c796186;MpKsl7c796186;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsl7c796186.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsl7c796186.sys [?]
S1 MpKsle52fc7ab;MpKsle52fc7ab;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsle52fc7ab.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsle52fc7ab.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.4.2010 10:17 136176]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [17.6.2010 1:19 406016]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [17.11.2009 21:33 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [17.11.2009 21:33 11088]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - MPKSLBC3D6C51

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-02-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-12 08:17]

2011-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-12 08:17]

2011-02-09 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 10:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer a Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: {866BE9F6-F191-4718-9519-8808183D2497} = 212.109.32.5 212.109.32.9
FF - ProfilePath - c:\documents and settings\CR\Data aplikací\Mozilla\Firefox\Profiles\mgqtx6b2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT329536&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: FireDownload: firedownload@mozilla.org - %profile%\extensions\firedownload@mozilla.org
FF - Ext: FireTorrent: firetorrent@radicalsoft.com - %profile%\extensions\firetorrent@radicalsoft.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Flash Video Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com
FF - Ext: FoxClocks: {d37dc5d0-431d-44e5-8c91-49419370caa1} - %profile%\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF - Ext: Organize Status Bar: {35106bca-6c78-48c7-ac28-56df30b51d2c} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}
FF - Ext: QuickPageZoom: {8FFE139B-90A7-4460-A972-9D2738997F6D} - %profile%\extensions\{8FFE139B-90A7-4460-A972-9D2738997F6D}
FF - Ext: 2 Pane Bookmarks: {FD61379B-066A-4afc-89DE-89FB24D907C2} - %profile%\extensions\{FD61379B-066A-4afc-89DE-89FB24D907C2}
FF - Ext: MultirowBookmarksToolbar: {FBF6D7FB-F305-4445-BB3D-FEF66579A033} - %profile%\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Save Complete: savecomplete@perlprogrammer.com - %profile%\extensions\savecomplete@perlprogrammer.com
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: MinimizeToTrayPlus: {de1b245c-de57-11da-ba2d-0050c2490048} - %profile%\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{FAE389D5-E97E-4ABD-8242-D9080C709167} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-10 09:43
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-02-10 09:46:09
ComboFix-quarantined-files.txt 2011-02-10 07:46

Před spuštěním: 4 138 029 056
Po spuštění: 4 151 664 640

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="MS Windows XP Home Edition (Disk C)" /fastdetect /NoExecute=AlwaysOff /sos
multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - E492C7AC682B0ADDF8E519389B840282

[JohnnyM]

Vše již vypadá OK? --dííky předem

[Roli]

Dva antiviry na jednom PC nelze i když se zdá že každý dělá něco jiného.

To že jsi omylem fixnul nějaký toolbar se vůbec nic neděje.

Ještě ale fixni :

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')


Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

File::  
c:\windows\system32\ConduitEngine.tmp

Folder::
c:\documents and settings\CR\Local Settings\Data aplikací\Conduit
c:\program files\Conduit
c:\program files\ICQ6Toolbar

Driver::
ICQ Service

FireFox::
FF - ProfilePath - c:\documents and settings\CR\Data aplikací\Mozilla\Firefox\Profiles\mgqtx6b2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[JohnnyM]

Díky Roli, ..tady je ten log co vypadl poté z Combofix;
-----------------
ComboFix 11-02-09.03 - CR 13.02.2011 0:46.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1983.1482 [GMT 2:00]
Spuštěný z: c:\documents and settings\CR\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\CR\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}

FILE ::
"c:\windows\system32\ConduitEngine.tmp"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\CR\Local Settings\Data aplikací\Conduit
c:\documents and settings\CR\Local Settings\Data aplikací\Conduit\Community Alerts\LanguagePacks\en.xml
c:\documents and settings\CR\Local Settings\Data aplikací\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=5_7_2_2.xml
c:\documents and settings\CR\Local Settings\Data aplikací\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=en&browserType=IE&toolbarVersion=6_2_2_4.xml
c:\program files\Conduit
c:\program files\Conduit\Community Alerts\Alert.dll
c:\program files\Conduit\Community Alerts\Alert0.dll
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\system32\ConduitEngine.tmp

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service


((((((((((((((((((((((((( Soubory vytvořené od 2011-01-12 do 2011-02-12 )))))))))))))))))))))))))))))))
.

2011-02-11 21:39 . 2011-02-11 21:39 119808 ----a-w- c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
2011-02-09 17:04 . 2011-02-12 22:36 -------- d-----w- c:\program files\trend micro
2011-02-09 17:04 . 2011-02-09 17:58 -------- d-----w- C:\rsit
2011-02-09 16:59 . 2011-02-09 17:00 -------- d-----w- C:\RSIT - začátek proti virům
2011-02-05 21:36 . 2001-08-18 04:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2011-02-05 21:36 . 2001-08-18 04:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2011-02-05 21:36 . 2001-08-18 04:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2011-02-05 21:36 . 2001-08-18 04:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2011-02-05 21:36 . 2001-08-17 20:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2011-02-05 21:36 . 2001-08-17 20:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2011-02-05 21:36 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2011-02-05 21:36 . 2008-04-14 06:48 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2011-02-05 21:36 . 2008-04-14 06:48 6144 ----a-w- c:\windows\system32\kbd106.dll
2011-01-29 20:51 . 2008-07-19 07:55 23960598 ----a-w- c:\windows\Space Sunrise 3D.scr
2011-01-29 20:50 . 2011-01-30 12:09 -------- d-----w- c:\documents and settings\CR\Local Settings\Data aplikací\ConduitEngine
2011-01-29 20:50 . 2011-02-10 07:22 -------- d-----w- c:\program files\ConduitEngine
2011-01-29 20:49 . 2011-01-30 12:09 -------- d-----w- c:\documents and settings\CR\Local Settings\Data aplikací\fullscreensavers
2011-01-29 20:49 . 2011-02-10 07:22 -------- d-----w- c:\program files\fullscreensavers
2011-01-27 21:12 . 2011-01-27 21:12 4992894 ----a-w- c:\windows\Matrix.scr
2011-01-27 20:21 . 2011-01-27 21:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\YoWindow
2011-01-27 19:58 . 2011-01-27 19:58 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-01-27 19:58 . 2011-01-27 19:58 -------- d-----w- c:\program files\Common Files\xing shared
2011-01-27 19:58 . 2011-01-27 19:58 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-01-27 19:57 . 2011-01-27 19:57 100864 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-01-27 19:57 . 2011-01-27 19:58 -------- d-----w- c:\program files\Real
2011-01-27 12:52 . 2011-01-27 12:52 -------- d-----w- c:\windows\Temp9E5B73DA-959F-633C-4C65-A2AF835D24C0-Signatures
2011-01-27 07:22 . 2011-02-10 07:32 -------- d-----w- c:\program files\CCleaner
2011-01-21 18:45 . 2011-01-21 18:47 -------- d-----w- c:\program files\www.cproxy.com

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-27 19:57 . 2008-06-19 19:34 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-01-13 08:47 . 2010-12-15 21:26 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-12-15 21:26 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-12-15 21:26 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-12-15 21:26 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-12-15 21:26 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-12-15 21:26 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-12-15 21:26 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-12-15 21:26 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-12-15 21:26 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-01-05 12:48 . 2011-01-05 12:49 1206272 ----a-w- c:\windows\TimeZone.scr
2010-12-06 20:54 . 2010-12-06 20:52 249856 ------w- c:\windows\Setup1.exe
2010-12-06 20:54 . 2010-12-06 20:52 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-11-21 23:07 . 2010-11-21 23:07 203576 ----a-w- c:\windows\system32\richtx32.ocx
2010-11-21 23:07 . 2010-11-21 23:07 124688 ----a-w- c:\windows\system32\mswinsck.ocx
2009-01-15 17:43 . 2009-01-15 17:43 339968 ----a-w- c:\program files\setup.OOo-3_0.exe
2009-01-15 17:43 . 2009-01-15 17:43 1821008 ----a-w- c:\program files\instmsiw.exe
2009-01-15 17:43 . 2009-01-15 17:43 1707856 ----a-w- c:\program files\instmsia.exe
2009-01-15 17:43 . 2009-01-15 17:43 9296384 ----a-w- c:\program files\openofficeorg30.msi
2011-02-11 21:39 . 2011-02-11 21:39 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((( SnapShot@2011-02-10_07.43.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-02-18 18:12 . 2011-02-12 22:52 32768 c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-18 18:12 . 2011-02-09 17:47 32768 c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2011-02-12 22:52 . 2011-02-12 22:52 16384 c:\windows\Temp\Perflib_Perfdata_1ec.dat
+ 2011-02-12 22:31 . 2011-02-12 22:52 32768 c:\windows\Temp\History\History.IE5\MSHist012011021320110214\index.dat
+ 2009-02-18 18:12 . 2011-02-12 22:52 65536 c:\windows\Temp\History\History.IE5\index.dat
- 2009-02-18 18:12 . 2011-02-09 17:47 65536 c:\windows\Temp\History\History.IE5\index.dat
+ 2009-02-18 18:12 . 2011-02-12 22:52 16384 c:\windows\Temp\Cookies\index.dat
- 2009-02-18 18:12 . 2011-02-09 17:47 16384 c:\windows\Temp\Cookies\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartClock"="c:\program files\SmartClock\SmartClock.exe" [2003-04-26 880128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-24 8491008]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-02-11 30192]

c:\documents and settings\CR\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Beeline L2TP.lnk - [N/A]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\AutorunsDisabled
Bluetooth.lnk - c:\program files\Belkin\Bluetooth Software\BTTray.exe [N/A]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"f:\\PROGRAMY (noC)\\PROHLÍŽEČE\\OperaPortable1010\\OperaPortable\\opera10.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"f:\\PROGRAMY (noC)\\Internetová komunikace\\SkypePortable_4.1\\SkypePortable\\App\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"f:\\Programy - P2P, RS, TOR, atd [HIDE F]\\sdc2.21\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\www.cproxy.com\\CPROXY.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [7.2.2009 22:16 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [7.2.2009 22:16 5248]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15.12.2010 23:26 294608]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [23.4.2007 13:03 82200]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [19.1.2010 0:38 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.12.2010 23:26 17744]
S1 MpKsl5f1177c7;MpKsl5f1177c7;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1AE66FB-317A-4885-BEF5-BA32EDEF878D}\MpKsl5f1177c7.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E1AE66FB-317A-4885-BEF5-BA32EDEF878D}\MpKsl5f1177c7.sys [?]
S1 MpKsl6d432b59;MpKsl6d432b59;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9B3E93C4-2143-4BFE-998C-B85A2713E03C}\MpKsl6d432b59.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{9B3E93C4-2143-4BFE-998C-B85A2713E03C}\MpKsl6d432b59.sys [?]
S1 MpKsl7c796186;MpKsl7c796186;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsl7c796186.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsl7c796186.sys [?]
S1 MpKsle52fc7ab;MpKsle52fc7ab;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsle52fc7ab.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{295AFE2A-9ED4-4D0C-B133-30DBCDA77F6D}\MpKsle52fc7ab.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.4.2010 10:17 136176]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [17.6.2010 1:19 406016]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11.2.2011 23:38 30192]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [17.11.2009 21:33 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [17.11.2009 21:33 11088]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-12 08:17]

2011-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-12 08:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Envoyer a Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Zobrazit originál - c:\program files\www.cproxy.com\original.htm
IE: Zobrazit vše jako originál - c:\program files\www.cproxy.com\originalAll.htm
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
FF - ProfilePath - c:\documents and settings\CR\Data aplikací\Mozilla\Firefox\Profiles\mgqtx6b2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: FireDownload: firedownload@mozilla.org - %profile%\extensions\firedownload@mozilla.org
FF - Ext: FireTorrent: firetorrent@radicalsoft.com - %profile%\extensions\firetorrent@radicalsoft.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Flash Video Downloader: artur.dubovoy@gmail.com - %profile%\extensions\artur.dubovoy@gmail.com
FF - Ext: FoxClocks: {d37dc5d0-431d-44e5-8c91-49419370caa1} - %profile%\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF - Ext: Organize Status Bar: {35106bca-6c78-48c7-ac28-56df30b51d2c} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2c}
FF - Ext: QuickPageZoom: {8FFE139B-90A7-4460-A972-9D2738997F6D} - %profile%\extensions\{8FFE139B-90A7-4460-A972-9D2738997F6D}
FF - Ext: 2 Pane Bookmarks: {FD61379B-066A-4afc-89DE-89FB24D907C2} - %profile%\extensions\{FD61379B-066A-4afc-89DE-89FB24D907C2}
FF - Ext: MultirowBookmarksToolbar: {FBF6D7FB-F305-4445-BB3D-FEF66579A033} - %profile%\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Save Complete: savecomplete@perlprogrammer.com - %profile%\extensions\savecomplete@perlprogrammer.com
FF - Ext: Flashblock: {3d7eb24f-2740-49df-8937-200b1cc08f8a} - %profile%\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
FF - Ext: MinimizeToTrayPlus: {de1b245c-de57-11da-ba2d-0050c2490048} - %profile%\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-13 00:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1640)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\NetLimiter 2 Pro\nlsvc.exe
c:\windows\System32\nvsvc32.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\NetLimiter 2 Pro\NLClient.exe
c:\windows\RTHDCPL.EXE
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MICROS~2\rapimgr.exe
.
**************************************************************************
.
Celkový čas: 2011-02-13 00:57:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-12 22:57
ComboFix2.txt 2011-02-12 22:36
ComboFix3.txt 2011-02-10 07:46

Před spuštěním: 4 888 358 912
Po spuštění: 4 860 370 944

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 16C8A39CF830BFBF5356C0124CCD668B

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Pak dej vědět jaký je stav PC.

[JohnnyM]

Omluva, delší dobu jsem nebyl...
To udělám.
Jinak, mám pocit že mi občas běží nějaké indexování souborů v PC, prostě "Nelze přesunout soubor", podívám se Unlockerem, ten nic neříká, zkusím přenos znova a jde to. Nebo přes Unlocker druhá možnost, a přesun se podaří taktéž.
Nedávno jsem nainstalil Google sidebar, ale takovýhle všelijaký featury jsem se snažil na stránce s nastavením i v Nastavení kompletně povypínat.
Já jenom za těch pár šikovnejch aplikací hezky po ruce zkouším zvyknout na takový sidebar... a řekl bych, že tohle se mi občas stalo i před instalací Google sidebaru... no, to nic ) jenom sem napsal, co to dělá někdy, když v kompu moc uklízím--- přesouvám a mažu.
Zdravím

a díííky

[Roli]

Ano nějaký toolbar je možná šikovný, ale nikdo si neuvědomí co dělá krom toho že by měl usnadnit práci.

Osobně jsem proti jakémukoliv toolbaru.

Pokud běží klasické systémové indexování tak při jakékoliv jiné činnosti ustane.

Jinak nemáš zač.