
Re: Problem with explorer.exe

Posted: 31 Jul 2010 19:51
by libor_berka
So I was stalled for a while because I had a problem getting ComboFix to run again.
But in the end I did manage to run it after installing it afresh.
Apparently, once it finished processing, the problem with explorer was solved, at least
to the extent that after Skype starts it no longer ramps up CPU usage.
The new ComboFix log after this correction is below:

ComboFix 10-07-31.01 - Libor 31.07.2010 17:51:39.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1035 [GMT 0:00]
Spuštěný z: c:\documents and settings\Libor\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
ADS - drivers: deleted 204 bytes in 1 streams.

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-31 )))))))))))))))))))))))))))))))
.

2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----w- c:\program files\Common Files\Skype
2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----r- c:\program files\Skype
2010-07-31 13:23 . 2010-07-31 13:25 -------- d-----w- c:\program files\Unlocker
2010-07-30 11:59 . 2010-07-30 13:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-29 19:08 . 2010-07-29 19:08 -------- d-----w- c:\windows\system32\AppData
2010-07-29 19:06 . 2010-07-29 19:49 -------- d-----w- c:\program files\All in one Cleaner
2010-07-29 19:06 . 2002-03-01 17:58 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2010-07-29 19:06 . 2002-03-01 17:58 28160 ----a-w- c:\windows\system32\anim.dll
2010-07-29 15:24 . 2010-07-29 15:24 -------- d-----w- C:\Process_Explorer
2010-07-24 14:07 . 2010-07-27 14:47 -------- d-----w- C:\ZZZZZZZZ
2010-07-23 18:56 . 2010-07-23 19:03 -------- d-----w- c:\program files\Common Files\Ahead
2010-07-23 15:29 . 2010-07-23 15:29 3208 ----a-w- c:\windows\im32st.dat
2010-07-23 13:51 . 2010-07-23 13:51 -------- d-----w- c:\program files\PJsoft
2010-07-23 13:35 . 2010-07-23 13:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-23 11:48 . 2010-07-27 22:39 -------- d-----w- c:\program files\trend micro
2010-07-23 11:47 . 2010-07-27 22:42 -------- d-----w- C:\rsit
2010-07-19 21:36 . 2010-07-19 21:36 -------- d-----w- c:\program files\Photo!
2010-07-19 20:50 . 2010-07-29 19:36 -------- d-----w- C:\Microsoft Photo Editor
2010-07-19 12:19 . 2010-07-19 15:23 -------- d-----w- c:\program files\KillSoft
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\GiPo@Utilities
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-07-15 16:32 . 2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 16:32 . 2010-07-15 16:32 420192 ----a-w- c:\temp\fixcfg.exe
2010-07-14 19:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-12 19:25 . 2010-07-30 11:26 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 16:51 . 2010-07-10 16:51 -------- d-----w- c:\program files\4Easysoft Studio

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-31 17:20 . 2001-10-13 13:11 78 ----a-w- c:\windows\battery.dat
2010-07-31 16:21 . 2001-10-25 14:00 601192 ----a-w- c:\windows\system32\perfh005.dat
2010-07-31 16:21 . 2001-10-25 14:00 143322 ----a-w- c:\windows\system32\perfc005.dat
2010-07-30 12:59 . 2010-07-30 13:06 4804096 ----a-w- c:\windows\Internet Logs\xDB2B7.tmp
2010-07-30 11:26 . 2010-04-15 15:12 -------- d-----w- c:\program files\PHPRunner4.2
2010-07-30 01:18 . 2010-07-30 10:58 4813824 ----a-w- c:\windows\Internet Logs\xDB2B6.tmp
2010-07-29 21:01 . 2008-09-17 13:18 -------- d-----w- c:\program files\ShowIP
2010-07-29 19:37 . 2009-03-06 02:09 -------- d-----w- c:\program files\TC UP
2010-07-29 19:37 . 2008-08-11 17:58 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-29 19:37 . 2010-03-17 14:12 -------- d-----w- c:\program files\ImageConverter Plus
2010-07-29 15:51 . 2010-07-29 16:50 54272 ----a-w- c:\windows\Internet Logs\xDB2B9.tmp
2010-07-29 15:50 . 2010-07-29 16:50 4795904 ----a-w- c:\windows\Internet Logs\xDB2B5.tmp
2010-07-29 11:27 . 2010-07-29 11:34 4794368 ----a-w- c:\windows\Internet Logs\xDB2B2.tmp
2010-07-29 11:27 . 2010-07-29 11:34 118784 ----a-w- c:\windows\Internet Logs\xDB2B4.tmp
2010-07-29 04:15 . 2010-07-29 11:16 4800512 ----a-w- c:\windows\Internet Logs\xDB2B1.tmp
2010-07-28 21:47 . 2010-07-28 21:55 4807168 ----a-w- c:\windows\Internet Logs\xDB2B0.tmp
2010-07-28 14:05 . 2010-07-28 14:17 2664448 ----a-w- c:\windows\Internet Logs\xDB2B3.tmp
2010-07-28 14:05 . 2010-07-28 14:16 4794880 ----a-w- c:\windows\Internet Logs\xDB2AF.tmp
2010-07-28 11:03 . 2010-07-28 11:11 4795392 ----a-w- c:\windows\Internet Logs\xDB2AE.tmp
2010-07-27 22:45 . 2010-07-27 23:00 4797440 ----a-w- c:\windows\Internet Logs\xDB2AD.tmp
2010-07-27 13:45 . 2010-07-27 14:54 4794368 ----a-w- c:\windows\Internet Logs\xDB2AC.tmp
2010-07-26 23:09 . 2010-07-27 12:04 4809728 ----a-w- c:\windows\Internet Logs\xDB2AB.tmp
2010-07-26 00:00 . 2010-07-26 11:15 4795904 ----a-w- c:\windows\Internet Logs\xDB2AA.tmp
2010-07-24 23:45 . 2010-07-24 23:56 4795904 ----a-w- c:\windows\Internet Logs\xDB2A9.tmp
2010-07-24 21:53 . 2008-08-13 14:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-21 18:49 . 2010-07-21 19:52 4780544 ----a-w- c:\windows\Internet Logs\xDB2A8.tmp
2010-07-20 18:07 . 2010-07-20 19:55 4778496 ----a-w- c:\windows\Internet Logs\xDB2A7.tmp
2010-07-19 23:37 . 2010-07-20 11:21 4780544 ----a-w- c:\windows\Internet Logs\xDB2A6.tmp
2010-07-19 16:45 . 2010-07-19 19:40 4771840 ----a-w- c:\windows\Internet Logs\xDB2A5.tmp
2010-07-19 15:19 . 2010-07-19 15:29 4813824 ----a-w- c:\windows\Internet Logs\xDB2A4.tmp
2010-07-19 01:05 . 2010-07-19 11:02 4774400 ----a-w- c:\windows\Internet Logs\xDB2A3.tmp
2010-07-18 17:06 . 2010-07-18 20:46 4771840 ----a-w- c:\windows\Internet Logs\xDB2A2.tmp
2010-07-18 01:34 . 2010-07-18 12:10 4773376 ----a-w- c:\windows\Internet Logs\xDB2A1.tmp
2010-07-17 18:16 . 2010-07-17 18:28 4775936 ----a-w- c:\windows\Internet Logs\xDB2A0.tmp
2010-07-15 16:33 . 2008-08-11 15:05 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 16:27 . 2008-08-11 15:05 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-15 15:45 . 2010-07-15 16:01 4759552 ----a-w- c:\windows\Internet Logs\xDB29F.tmp
2010-07-15 02:48 . 2010-07-15 12:21 4754432 ----a-w- c:\windows\Internet Logs\xDB29E.tmp
2010-07-14 20:39 . 2010-07-14 20:52 4755968 ----a-w- c:\windows\Internet Logs\xDB29D.tmp
2010-07-13 23:25 . 2010-07-13 23:38 4762112 ----a-w- c:\windows\Internet Logs\xDB29C.tmp
2010-07-13 20:45 . 2010-07-13 21:01 4756992 ----a-w- c:\windows\Internet Logs\xDB29B.tmp
2010-07-13 15:28 . 2010-07-13 15:42 4756992 ----a-w- c:\windows\Internet Logs\xDB29A.tmp
2010-07-13 12:52 . 2010-04-19 16:48 -------- d-----w- c:\program files\FreeCall.com
2010-07-12 20:12 . 2010-07-12 20:29 4731392 ----a-w- c:\windows\Internet Logs\xDB299.tmp
2010-07-12 20:03 . 2010-04-19 19:16 -------- d-----w- c:\program files\TV IR
2010-07-12 16:08 . 2010-07-12 18:38 4670976 ----a-w- c:\windows\Internet Logs\xDB298.tmp
2010-07-11 21:08 . 2010-07-11 21:42 4732928 ----a-w- c:\windows\Internet Logs\xDB297.tmp
2010-07-10 23:47 . 2010-07-11 11:55 4726784 ----a-w- c:\windows\Internet Logs\xDB296.tmp
2010-07-09 23:40 . 2010-07-10 11:49 4730880 ----a-w- c:\windows\Internet Logs\xDB295.tmp
2010-07-09 20:54 . 2008-08-13 12:23 -------- d-----w- c:\program files\Pidgin
2010-07-09 12:32 . 2010-07-09 12:49 4657664 ----a-w- c:\windows\Internet Logs\xDB294.tmp
2010-07-08 12:01 . 2010-07-08 15:02 4650496 ----a-w- c:\windows\Internet Logs\xDB293.tmp
2010-07-07 22:28 . 2010-07-07 22:40 4659712 ----a-w- c:\windows\Internet Logs\xDB291.tmp
2010-07-06 16:57 . 2010-07-06 21:43 2962432 ----a-w- c:\windows\Internet Logs\xDB292.tmp
2010-07-06 16:55 . 2010-07-06 21:42 4644352 ----a-w- c:\windows\Internet Logs\xDB290.tmp
2010-07-05 17:13 . 2010-07-05 17:30 4643840 ----a-w- c:\windows\Internet Logs\xDB28F.tmp
2010-07-05 00:55 . 2010-07-05 11:24 4653056 ----a-w- c:\windows\Internet Logs\xDB28E.tmp
2010-07-04 17:08 . 2010-07-04 17:18 4682752 ----a-w- c:\windows\Internet Logs\xDB28D.tmp
2010-07-03 23:39 . 2010-07-04 12:10 4642816 ----a-w- c:\windows\Internet Logs\xDB28C.tmp
2010-07-02 23:56 . 2010-07-03 12:31 4680704 ----a-w- c:\windows\Internet Logs\xDB28B.tmp
2010-07-02 20:55 . 2008-09-12 18:54 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-07-01 12:09 . 2010-07-02 11:57 4407808 ----a-w- c:\windows\Internet Logs\xDB28A.tmp
2010-07-01 05:55 . 2010-07-01 06:04 5166080 ----a-w- c:\windows\Internet Logs\xDB289.tmp
2010-06-30 22:10 . 2010-06-30 22:10 -------- d-----w- c:\program files\Microsoft Device Emulator
2010-06-30 22:10 . 2010-06-30 21:55 -------- d-----w- c:\program files\Windows Mobile 6 SDK
2010-06-30 20:58 . 2010-06-30 21:08 4463104 ----a-w- c:\windows\Internet Logs\xDB288.tmp
2010-06-30 20:04 . 2008-11-25 12:12 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-06-30 15:10 . 2010-06-30 15:10 -------- d-----w- c:\program files\CE Remote Tools
2010-06-30 15:06 . 2008-11-25 12:26 -------- d-----w- c:\program files\Microsoft Web Designer Tools
2010-06-29 13:36 . 2010-06-29 15:12 4258816 ----a-w- c:\windows\Internet Logs\xDB287.tmp
2010-06-28 23:48 . 2010-06-29 12:27 4762112 ----a-w- c:\windows\Internet Logs\xDB286.tmp
2010-06-28 22:10 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2010-06-28 22:04 . 2008-10-18 22:19 -------- d-----w- c:\program files\MSBuild
2010-06-28 22:01 . 2008-08-27 17:51 -------- d-----w- c:\program files\Microsoft SDKs
2010-06-28 21:55 . 2010-06-28 21:55 -------- d-----w- c:\program files\Microsoft ASP.NET
2010-06-28 21:54 . 2010-06-28 21:54 -------- d-----w- c:\program files\IIS
2010-06-28 21:33 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft F#
2010-06-28 21:12 . 2010-06-28 20:56 -------- d-----w- c:\program files\HTML Help Workshop
2010-06-28 20:56 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Help Viewer
2010-06-28 05:34 . 2010-06-28 11:50 1699840 ----a-w- c:\windows\Internet Logs\xDB285.tmp
2010-06-28 05:32 . 2010-06-28 11:50 4527104 ----a-w- c:\windows\Internet Logs\xDB284.tmp
2010-06-26 17:52 . 2010-06-26 19:32 4248064 ----a-w- c:\windows\Internet Logs\xDB282.tmp
2010-06-25 22:40 . 2010-06-25 23:17 1841152 ----a-w- c:\windows\Internet Logs\xDB283.tmp
2010-06-25 22:39 . 2010-06-25 23:17 4249088 ----a-w- c:\windows\Internet Logs\xDB281.tmp
2010-06-24 23:01 . 2010-06-24 23:01 -------- d-----w- c:\program files\CoffeeCup Software
2010-06-24 22:21 . 2010-06-24 22:21 -------- d-----w- c:\program files\Microangelo Toolset 6
2010-06-24 21:44 . 2008-08-11 14:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 17:55 . 2010-06-23 21:17 4230144 ----a-w- c:\windows\Internet Logs\xDB280.tmp
2010-06-22 23:56 . 2010-06-23 11:33 716800 ----a-w- c:\windows\Internet Logs\xDB27F.tmp
2010-06-22 23:55 . 2010-06-23 11:33 4217344 ----a-w- c:\windows\Internet Logs\xDB27D.tmp
2010-06-22 19:15 . 2009-04-24 20:21 -------- d-----w- c:\program files\SoundGen
2010-06-22 04:19 . 2010-06-22 12:24 789504 ----a-w- c:\windows\Internet Logs\xDB27E.tmp
2010-06-22 04:19 . 2010-06-22 12:24 4219904 ----a-w- c:\windows\Internet Logs\xDB27C.tmp
2010-06-21 13:16 . 2010-06-21 14:59 4236288 ----a-w- c:\windows\Internet Logs\xDB27A.tmp
2010-06-20 04:28 . 2010-06-20 12:28 898560 ----a-w- c:\windows\Internet Logs\xDB27B.tmp
2010-06-20 04:28 . 2010-06-20 12:27 4225024 ----a-w- c:\windows\Internet Logs\xDB279.tmp
2010-06-18 20:40 . 2010-06-18 20:40 -------- d-----w- c:\program files\geniatech
2010-06-18 20:15 . 2010-06-18 20:22 4210688 ----a-w- c:\windows\Internet Logs\xDB278.tmp
2010-06-18 15:53 . 2010-06-18 16:03 4211200 ----a-w- c:\windows\Internet Logs\xDB277.tmp
2010-06-18 00:16 . 2010-06-18 12:34 4212224 ----a-w- c:\windows\Internet Logs\xDB276.tmp
2006-01-23 10:32 . 2006-01-23 10:32 131072 ------w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 14:40 . 2006-06-07 14:40 132848 ------w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ------w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ------w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2002-07-31 19:55 . 2010-06-24 23:05 106 --sh--w- c:\windows\WSYS049.SYS
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 13:02 1230080 ------w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]
2010-07-05 11:31 2515552 ----a-w- c:\program files\Fleshlight_Free_Porn\tbFle1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{F3738B89-7A4E-41DF-AC24-BF192E9E5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2008-11-05 4478464]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-12-21 818288]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"FreeCall"="c:\program files\FreeCall.com\FreeCall\FreeCall.exe" [2010-07-15 10788656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-30 761946]
"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-06-30 565248]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Zone Labs Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-11-28 902432]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-01-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-19 458752]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-15 2065760]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bitmeter2.lnk - c:\program files\Codebox\BitMeter\BitMeter2.exe [2008-11-1 1462272]
Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-7-1 24576]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-05-26 10:47 335136 ----a-w- c:\program files\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1128:TCP"= 1128:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [29.5.2010 12:17 45472]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11.8.2008 15:05 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11.8.2008 15:05 243024]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 13:00 15872]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [15.7.2010 16:28 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [15.7.2010 16:32 308136]
R2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [29.5.2010 12:17 55072]
R2 HRD RemoteSvr;Ham Radio Deluxe Remote Server;c:\program files\Amateur Radio\Ham Radio Deluxe\HRDRemoteSvr.exe [28.9.2008 15:26 192512]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [16.12.2009 10:09 188736]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [16.12.2009 10:11 65856]
R3 U6652SRV;U6652 USB;c:\windows\system32\drivers\U6652.sys [9.3.2009 17:34 199040]
R3 xpvcom;XPVCOM Port;c:\windows\system32\drivers\XPVCOM.sys [23.3.2007 2:00 30032]
S2 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\Ca533av.sys [19.1.2009 12:13 515803]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 fxyia;Installer Boot;c:\windows\system32\svchost.exe -k netsvcs [11.8.2008 12:57 14336]
S2 gupdate1ca977fe6707190;Služba Google Update (gupdate1ca977fe6707190);c:\program files\Google\Update\GoogleUpdate.exe [17.1.2010 14:18 133104]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);c:\windows\system32\drivers\averhbtv.sys [6.1.2009 0:46 283648]
S3 usb2vcom;Nokia CA-42 USB;c:\windows\system32\drivers\usb2vcom.sys [14.1.2009 16:54 29152]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [13.8.2008 18:58 37708]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [8.12.2009 21:24 48128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbVM31b.sys [13.8.2008 18:31 90568]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 0:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.8.2008 13:40 716272]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 0:28 369688]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
fxyia
.
Obsah adresáře 'Naplánované úlohy'

2010-07-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2010-07-31 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-05-24 14:11]

2010-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]

2010-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://www.avg.com/ww.special-old-os-app
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: S&end to OneNote - /105
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: {E3431AEF-A15D-43E1-A1F5-5583C46D2840} = 201.75.168.15,201.75.168.16
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-31 18:08
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{97CE299A-01CD-48DB-72EE-9E7DA7C9A386}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"pakoifjbkjcjmgiemegkggiacihdogmm"=hex:61,62,64,66,67,6e,61,6c,68,61,6f,66,63,
65,68,63,6f,62,64,6d,69,66,64,67,6c,67,6a,68,6c,63,64,69,67,64,00,00

[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9ACD965D-15C8-92A4-83C8-68F88D8A73E1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paciolbkapdoonhcbkekmaopdfmmahdm"=hex:61,61,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(168)
c:\program files\GbPlugin\gbieh.dll

- - - - - - - > 'explorer.exe'(4764)
c:\program files\XemiComputers\Active Desktop Calendar\MouseHook.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-07-31 18:15:48
ComboFix-quarantined-files.txt 2010-07-31 18:15

Před spuštěním: Volných bajtů: 40 086 831 104
Po spuštění: Volných bajtů: 40 074 694 656

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EE8BC5CD6C71F02957ADDB7684C18E8C

xxxxxxxxxxxxxxxxxxxx
THANKS A LOT FOR THE HELP
xxxxxxxxxxxxxxxxxxxx

Re: Problem with explorer.exe

Posted: 31 Jul 2010 20:04
by Rudy
Open Notepad and copy the following into it:
Collect::
c:\windows\WSYS049.SYS

Regnull::
[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{97CE299A-01CD-48DB-72EE-9E7DA7C9A386}*]
[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9ACD965D-15C8-92A4-83C8-68F88D8A73E1}*]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: Problem with explorer.exe

Posted: 02 Aug 2010 15:24
by libor_berka
In my previous reply I overstated things a bit when I said everything was fine; it was not, as you probably found out
from the last script, and you recommended another CFScript correction. So I applied it, and below is
the next CF log that was created. BTW, this time ComboFix ran for over an hour before it finished.
I'd rather keep quiet now, because maybe it's still not all OK :)
The log follows below:

ComboFix 10-07-31.01 - Libor 02.08.2010 11:38:03.4.2 - x86
Spuštěný z: c:\documents and settings\Libor\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Libor\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

file zipped: c:\windows\WSYS049.SYS
.
ADS - drivers: deleted 204 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\WSYS049.SYS

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-02 do 2010-08-02 )))))))))))))))))))))))))))))))
.

2010-07-23 18:56 . 2010-07-23 19:03 -------- d-----w- c:\program files\Common Files\Ahead
2010-07-23 15:29 . 2010-07-23 15:29 3208 ----a-w- c:\windows\im32st.dat
2010-07-23 13:51 . 2010-07-23 13:51 -------- d-----w- c:\program files\PJsoft
2010-07-23 13:35 . 2010-07-23 13:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-23 11:48 . 2010-07-27 22:39 -------- d-----w- c:\program files\trend micro
2010-07-23 11:47 . 2010-07-27 22:42 -------- d-----w- C:\rsit
2010-07-19 21:36 . 2010-07-19 21:36 -------- d-----w- c:\program files\Photo!
2010-07-19 20:50 . 2010-07-29 19:36 -------- d-----w- C:\Microsoft Photo Editor
2010-07-19 12:19 . 2010-07-19 15:23 -------- d-----w- c:\program files\KillSoft
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\GiPo@Utilities
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-07-15 16:32 . 2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 16:32 . 2010-07-15 16:32 420192 ----a-w- c:\temp\fixcfg.exe
2010-07-14 19:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-12 19:25 . 2010-07-30 11:26 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 16:51 . 2010-07-10 16:51 -------- d-----w- c:\program files\4Easysoft Studio

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 11:12 . 2001-10-25 14:00 601192 ----a-w- c:\windows\system32\perfh005.dat
2010-08-02 11:12 . 2001-10-25 14:00 143322 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 11:09 . 2001-10-13 13:11 78 ----a-w- c:\windows\battery.dat
2010-08-02 10:59 . 2010-05-29 12:17 -------- d-----w- c:\program files\GbPlugin
2010-08-01 13:59 . 2009-04-16 23:33 221 ---ha-w- c:\windows\sysreg.dat
2010-07-31 23:57 . 2010-08-01 03:12 4824064 ----a-w- c:\windows\Internet Logs\xDB2BA.tmp
2010-07-31 21:01 . 2010-07-31 21:36 4823552 ----a-w- c:\windows\Internet Logs\xDB2B8.tmp
2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----r- c:\program files\Skype
2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----w- c:\program files\Common Files\Skype
2010-07-31 13:25 . 2010-07-31 13:23 -------- d-----w- c:\program files\Unlocker
2010-07-30 13:34 . 2010-07-30 11:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-30 12:59 . 2010-07-30 13:06 4804096 ----a-w- c:\windows\Internet Logs\xDB2B7.tmp
2010-07-30 11:26 . 2010-04-15 15:12 -------- d-----w- c:\program files\PHPRunner4.2
2010-07-30 01:18 . 2010-07-30 10:58 4813824 ----a-w- c:\windows\Internet Logs\xDB2B6.tmp
2010-07-29 21:01 . 2008-09-17 13:18 -------- d-----w- c:\program files\ShowIP
2010-07-29 19:49 . 2010-07-29 19:06 -------- d-----w- c:\program files\All in one Cleaner
2010-07-29 19:37 . 2009-03-06 02:09 -------- d-----w- c:\program files\TC UP
2010-07-29 19:37 . 2008-08-11 17:58 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-29 19:37 . 2010-03-17 14:12 -------- d-----w- c:\program files\ImageConverter Plus
2010-07-29 15:51 . 2010-07-29 16:50 54272 ----a-w- c:\windows\Internet Logs\xDB2B9.tmp
2010-07-29 15:50 . 2010-07-29 16:50 4795904 ----a-w- c:\windows\Internet Logs\xDB2B5.tmp
2010-07-29 11:27 . 2010-07-29 11:34 4794368 ----a-w- c:\windows\Internet Logs\xDB2B2.tmp
2010-07-29 11:27 . 2010-07-29 11:34 118784 ----a-w- c:\windows\Internet Logs\xDB2B4.tmp
2010-07-29 04:15 . 2010-07-29 11:16 4800512 ----a-w- c:\windows\Internet Logs\xDB2B1.tmp
2010-07-28 21:47 . 2010-07-28 21:55 4807168 ----a-w- c:\windows\Internet Logs\xDB2B0.tmp
2010-07-28 14:05 . 2010-07-28 14:17 2664448 ----a-w- c:\windows\Internet Logs\xDB2B3.tmp
2010-07-28 14:05 . 2010-07-28 14:16 4794880 ----a-w- c:\windows\Internet Logs\xDB2AF.tmp
2010-07-28 11:03 . 2010-07-28 11:11 4795392 ----a-w- c:\windows\Internet Logs\xDB2AE.tmp
2010-07-27 22:45 . 2010-07-27 23:00 4797440 ----a-w- c:\windows\Internet Logs\xDB2AD.tmp
2010-07-27 13:45 . 2010-07-27 14:54 4794368 ----a-w- c:\windows\Internet Logs\xDB2AC.tmp
2010-07-27 08:20 . 2010-05-29 12:17 45472 ----a-w- c:\windows\system32\drivers\gbpkm.sys
2010-07-26 23:09 . 2010-07-27 12:04 4809728 ----a-w- c:\windows\Internet Logs\xDB2AB.tmp
2010-07-26 00:00 . 2010-07-26 11:15 4795904 ----a-w- c:\windows\Internet Logs\xDB2AA.tmp
2010-07-24 23:45 . 2010-07-24 23:56 4795904 ----a-w- c:\windows\Internet Logs\xDB2A9.tmp
2010-07-24 21:53 . 2008-08-13 14:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-21 18:49 . 2010-07-21 19:52 4780544 ----a-w- c:\windows\Internet Logs\xDB2A8.tmp
2010-07-20 18:07 . 2010-07-20 19:55 4778496 ----a-w- c:\windows\Internet Logs\xDB2A7.tmp
2010-07-19 23:37 . 2010-07-20 11:21 4780544 ----a-w- c:\windows\Internet Logs\xDB2A6.tmp
2010-07-19 16:45 . 2010-07-19 19:40 4771840 ----a-w- c:\windows\Internet Logs\xDB2A5.tmp
2010-07-19 15:19 . 2010-07-19 15:29 4813824 ----a-w- c:\windows\Internet Logs\xDB2A4.tmp
2010-07-19 01:05 . 2010-07-19 11:02 4774400 ----a-w- c:\windows\Internet Logs\xDB2A3.tmp
2010-07-18 17:06 . 2010-07-18 20:46 4771840 ----a-w- c:\windows\Internet Logs\xDB2A2.tmp
2010-07-18 01:34 . 2010-07-18 12:10 4773376 ----a-w- c:\windows\Internet Logs\xDB2A1.tmp
2010-07-17 18:16 . 2010-07-17 18:28 4775936 ----a-w- c:\windows\Internet Logs\xDB2A0.tmp
2010-07-15 16:33 . 2008-08-11 15:05 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 16:27 . 2008-08-11 15:05 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-15 15:45 . 2010-07-15 16:01 4759552 ----a-w- c:\windows\Internet Logs\xDB29F.tmp
2010-07-15 02:48 . 2010-07-15 12:21 4754432 ----a-w- c:\windows\Internet Logs\xDB29E.tmp
2010-07-14 20:39 . 2010-07-14 20:52 4755968 ----a-w- c:\windows\Internet Logs\xDB29D.tmp
2010-07-13 23:25 . 2010-07-13 23:38 4762112 ----a-w- c:\windows\Internet Logs\xDB29C.tmp
2010-07-13 20:45 . 2010-07-13 21:01 4756992 ----a-w- c:\windows\Internet Logs\xDB29B.tmp
2010-07-13 15:28 . 2010-07-13 15:42 4756992 ----a-w- c:\windows\Internet Logs\xDB29A.tmp
2010-07-13 12:52 . 2010-04-19 16:48 -------- d-----w- c:\program files\FreeCall.com
2010-07-12 20:12 . 2010-07-12 20:29 4731392 ----a-w- c:\windows\Internet Logs\xDB299.tmp
2010-07-12 20:03 . 2010-04-19 19:16 -------- d-----w- c:\program files\TV IR
2010-07-12 16:08 . 2010-07-12 18:38 4670976 ----a-w- c:\windows\Internet Logs\xDB298.tmp
2010-07-11 21:08 . 2010-07-11 21:42 4732928 ----a-w- c:\windows\Internet Logs\xDB297.tmp
2010-07-10 23:47 . 2010-07-11 11:55 4726784 ----a-w- c:\windows\Internet Logs\xDB296.tmp
2010-07-09 23:40 . 2010-07-10 11:49 4730880 ----a-w- c:\windows\Internet Logs\xDB295.tmp
2010-07-09 20:54 . 2008-08-13 12:23 -------- d-----w- c:\program files\Pidgin
2010-07-09 12:32 . 2010-07-09 12:49 4657664 ----a-w- c:\windows\Internet Logs\xDB294.tmp
2010-07-08 12:01 . 2010-07-08 15:02 4650496 ----a-w- c:\windows\Internet Logs\xDB293.tmp
2010-07-07 22:28 . 2010-07-07 22:40 4659712 ----a-w- c:\windows\Internet Logs\xDB291.tmp
2010-07-06 16:57 . 2010-07-06 21:43 2962432 ----a-w- c:\windows\Internet Logs\xDB292.tmp
2010-07-06 16:55 . 2010-07-06 21:42 4644352 ----a-w- c:\windows\Internet Logs\xDB290.tmp
2010-07-05 17:13 . 2010-07-05 17:30 4643840 ----a-w- c:\windows\Internet Logs\xDB28F.tmp
2010-07-05 00:55 . 2010-07-05 11:24 4653056 ----a-w- c:\windows\Internet Logs\xDB28E.tmp
2010-07-04 17:08 . 2010-07-04 17:18 4682752 ----a-w- c:\windows\Internet Logs\xDB28D.tmp
2010-07-03 23:39 . 2010-07-04 12:10 4642816 ----a-w- c:\windows\Internet Logs\xDB28C.tmp
2010-07-02 23:56 . 2010-07-03 12:31 4680704 ----a-w- c:\windows\Internet Logs\xDB28B.tmp
2010-07-02 20:55 . 2008-09-12 18:54 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-07-01 12:09 . 2010-07-02 11:57 4407808 ----a-w- c:\windows\Internet Logs\xDB28A.tmp
2010-07-01 05:55 . 2010-07-01 06:04 5166080 ----a-w- c:\windows\Internet Logs\xDB289.tmp
2010-06-30 22:10 . 2010-06-30 22:10 -------- d-----w- c:\program files\Microsoft Device Emulator
2010-06-30 22:10 . 2010-06-30 21:55 -------- d-----w- c:\program files\Windows Mobile 6 SDK
2010-06-30 20:58 . 2010-06-30 21:08 4463104 ----a-w- c:\windows\Internet Logs\xDB288.tmp
2010-06-30 20:04 . 2008-11-25 12:12 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-06-30 15:10 . 2010-06-30 15:10 -------- d-----w- c:\program files\CE Remote Tools
2010-06-30 15:06 . 2008-11-25 12:26 -------- d-----w- c:\program files\Microsoft Web Designer Tools
2010-06-29 13:36 . 2010-06-29 15:12 4258816 ----a-w- c:\windows\Internet Logs\xDB287.tmp
2010-06-28 23:48 . 2010-06-29 12:27 4762112 ----a-w- c:\windows\Internet Logs\xDB286.tmp
2010-06-28 22:10 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2010-06-28 22:04 . 2008-10-18 22:19 -------- d-----w- c:\program files\MSBuild
2010-06-28 22:01 . 2008-08-27 17:51 -------- d-----w- c:\program files\Microsoft SDKs
2010-06-28 21:55 . 2010-06-28 21:55 -------- d-----w- c:\program files\Microsoft ASP.NET
2010-06-28 21:54 . 2010-06-28 21:54 -------- d-----w- c:\program files\IIS
2010-06-28 21:33 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft F#
2010-06-28 21:12 . 2010-06-28 20:56 -------- d-----w- c:\program files\HTML Help Workshop
2010-06-28 20:56 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Help Viewer
2010-06-28 05:34 . 2010-06-28 11:50 1699840 ----a-w- c:\windows\Internet Logs\xDB285.tmp
2010-06-28 05:32 . 2010-06-28 11:50 4527104 ----a-w- c:\windows\Internet Logs\xDB284.tmp
2010-06-26 17:52 . 2010-06-26 19:32 4248064 ----a-w- c:\windows\Internet Logs\xDB282.tmp
2010-06-25 22:40 . 2010-06-25 23:17 1841152 ----a-w- c:\windows\Internet Logs\xDB283.tmp
2010-06-25 22:39 . 2010-06-25 23:17 4249088 ----a-w- c:\windows\Internet Logs\xDB281.tmp
2010-06-24 23:01 . 2010-06-24 23:01 -------- d-----w- c:\program files\CoffeeCup Software
2010-06-24 22:21 . 2010-06-24 22:21 -------- d-----w- c:\program files\Microangelo Toolset 6
2010-06-24 21:44 . 2008-08-11 14:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 17:55 . 2010-06-23 21:17 4230144 ----a-w- c:\windows\Internet Logs\xDB280.tmp
2010-06-22 23:56 . 2010-06-23 11:33 716800 ----a-w- c:\windows\Internet Logs\xDB27F.tmp
2010-06-22 23:55 . 2010-06-23 11:33 4217344 ----a-w- c:\windows\Internet Logs\xDB27D.tmp
2006-01-23 10:32 . 2006-01-23 10:32 131072 ------w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 14:40 . 2006-06-07 14:40 132848 ------w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ------w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ------w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 13:02 1230080 ------w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]
2010-07-05 11:31 2515552 ----a-w- c:\program files\Fleshlight_Free_Porn\tbFle1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{F3738B89-7A4E-41DF-AC24-BF192E9E5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2008-11-05 4478464]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-12-21 818288]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"FreeCall"="c:\program files\FreeCall.com\FreeCall\FreeCall.exe" [2010-07-15 10788656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-30 761946]
"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-06-30 565248]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Zone Labs Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-11-28 902432]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-01-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-19 458752]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-15 2065760]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bitmeter2.lnk - c:\program files\Codebox\BitMeter\BitMeter2.exe [2008-11-1 1462272]
Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-7-1 24576]

c:\documents and settings\Libor\Nabídka Start\Programy\Po spuštění\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-07-27 08:18 335136 ----a-w- c:\program files\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1128:TCP"= 1128:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [29.5.2010 12:17 45472]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11.8.2008 15:05 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11.8.2008 15:05 243024]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 13:00 15872]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [15.7.2010 16:28 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [15.7.2010 16:32 308136]
R2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [29.5.2010 12:17 55072]
R2 HRD RemoteSvr;Ham Radio Deluxe Remote Server;c:\program files\Amateur Radio\Ham Radio Deluxe\HRDRemoteSvr.exe [28.9.2008 15:26 192512]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [16.12.2009 10:09 188736]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [16.12.2009 10:11 65856]
R3 U6652SRV;U6652 USB;c:\windows\system32\drivers\U6652.sys [9.3.2009 17:34 199040]
R3 xpvcom;XPVCOM Port;c:\windows\system32\drivers\XPVCOM.sys [23.3.2007 2:00 30032]
S2 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\Ca533av.sys [19.1.2009 12:13 515803]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 fxyia;Installer Boot;c:\windows\system32\svchost.exe -k netsvcs [11.8.2008 12:57 14336]
S2 gupdate1ca977fe6707190;Služba Google Update (gupdate1ca977fe6707190);c:\program files\Google\Update\GoogleUpdate.exe [17.1.2010 14:18 133104]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);c:\windows\system32\drivers\averhbtv.sys [6.1.2009 0:46 283648]
S3 usb2vcom;Nokia CA-42 USB;c:\windows\system32\drivers\usb2vcom.sys [14.1.2009 16:54 29152]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [13.8.2008 18:58 37708]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [8.12.2009 21:24 48128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbVM31b.sys [13.8.2008 18:31 90568]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 0:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.8.2008 13:40 716272]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 0:28 369688]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
fxyia
.
Obsah adresáře 'Naplánované úlohy'

2010-08-02 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2010-08-02 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-05-24 14:11]

2010-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]

2010-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://www.avg.com/ww.special-old-os-app
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: S&end to OneNote - /105
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: {E3431AEF-A15D-43E1-A1F5-5583C46D2840} = 201.75.168.15,201.75.168.16
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-02 13:12
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(340)
c:\program files\GbPlugin\gbieh.dll
.
Celkový čas: 2010-08-02 13:19:30
ComboFix-quarantined-files.txt 2010-08-02 13:19

Před spuštěním: Volných bajtů: 39 938 813 952
Po spuštění: Volných bajtů: 39 911 346 176

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 71698A827FF9DCB39D366643C1700272

Re: Problem with explorer.exe

Posted: 02 Aug 2010 17:48
by Rudy
Deleted; the rest of the log looks clean. Has anything changed?

Re: Problem with explorer.exe

Posted: 03 Aug 2010 15:12
by libor_berka
Things seem to be calm. I did configure Skype to "Start on startup", though. This way, when I start Windows, explorer.exe is quiet once the system has fully started. If I do some operations with the HD or with other programs that put load on explorer, it does load the processor, but the usage drops quickly once the given program settles, which is normal.
I will keep testing it, and if there is any further problem I will let you know.
P.S. I would like to learn to analyse that CF log in detail, but I haven't found a page that explains how. I also studied that huge tome about WinXP, but there isn't much detail in it about explorer and especially about the registry. I guess training at Microsoft is needed :)

Re: Problem with explorer.exe

Posted: 03 Aug 2010 18:24
by Rudy
P.S. I would like to learn to analyse that CF log in detail, but I haven't found a page that explains how. I also studied that huge tome about WinXP, but there isn't much detail in it about explorer and especially about the registry. I guess training at Microsoft is needed :)
And you won't find one, because the author guards his secret and we too are bound by certain rules. CF has nothing to do with Microsoft. I'll give you a small hint: the point is to analyse the individual entries of the log and determine whether each one is legitimate or not. The main problem, however, is that laypeople are strongly advised not to experiment with ComboFix.
Keep an eye on the system and let us know if anything comes up.

Re: Problem with explorer.exe

Posted: 04 Aug 2010 00:12
by libor_berka
Understood, and thanks for the reply. I'll get in touch if there are problems again. I'll put Combofix away somewhere safe :)

Re: Problem with explorer.exe

Posted: 04 Aug 2010 19:34
by Rudy
Uninstall ComboFix: Start > Run > (type) combofix /uninstall > OK. You're welcome!