Re: virus file

Posted: 06 Oct 2011 19:06
by vyosek
And did you paste the script in there (below the yellow line)? :???:

Re: virus file

Posted: 06 Oct 2011 19:13
by Mari13
Uh-oh, could it be the hair color? :)
Right after the restart this appeared:
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Wnjxjt deleted successfully.
========== FILES ==========
c:\documents and settings\MiiLan\Data aplikací\1B.exe moved successfully.
c:\documents and settings\MiiLan\Data aplikací\2.exe moved successfully.
c:\documents and settings\MiiLan\Data aplikací\3.exe moved successfully.
c:\documents and settings\MiiLan\Data aplikací\95.exe moved successfully.
c:\documents and settings\MiiLan\Data aplikací\96.exe moved successfully.
c:\documents and settings\MiiLan\Data aplikací\E6.exe moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-1.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-10.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-11.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-12.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-13.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-14.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-15.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-16.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-17.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-18.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-19.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-2.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-20.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-21.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-22.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-3.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-4.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-5.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-6.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-7.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-8.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin-9.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\icqplugin.xml moved successfully.
c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\daemon-search.xml moved successfully.
File/Folder c:\documents and settings\MiiLan\Data aplikací\Wnjxjt.exe not found.
c:\docume~1\MiiLan\LOCALS~1\temp folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: MiiLan
->Temporary Internet Files folder emptied: 32835 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 95228909 bytes
->Google Chrome cache emptied: 7647704 bytes
->Flash cache emptied: 3849663 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 102,00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 10062011_200742

Files moved on Reboot...

Registry entries deleted on Reboot...

Re: virus file

Posted: 06 Oct 2011 19:18
by vyosek
Mari13 wrote: Uh-oh, could it be the hair color? :)
:lol: :lol: You don't have a photo here, so I can't judge :D :D

:arrow: Now a script for ComboFix - same procedure as last time (create the file CFScript.txt, drag it onto ComboFix and let it run - then post the log here)

KillAll::

Collect::
c:\documents and settings\MiiLan\Data aplikací\Wnjxjt.exe

Firefox::
FF - ProfilePath - c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

Reboot::

Re: virus file

Posted: 06 Oct 2011 19:37
by Mari13
ComboFix 11-10-03.01 - MiiLan 06.10.2011 20:24:57.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.732 [GMT 2:00]
Spuštěný z: c:\documents and settings\MiiLan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\MiiLan\Plocha\CFScript.txt
.
file zipped: c:\documents and settings\MiiLan\Data aplikací\Wnjxjt.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-06 do 2011-10-06 )))))))))))))))))))))))))))))))
.
.
2011-10-06 18:07 . 2011-10-06 18:07 -------- d-----w- C:\_OTM
2011-10-06 17:11 . 2011-10-06 17:11 150016 ----a-w- c:\documents and settings\MiiLan\Data aplikací\Wnjxjt.exe
2011-10-02 21:42 . 2011-10-02 21:45 -------- d-----r- c:\program files\Skype
2011-10-02 20:43 . 2011-10-02 20:43 -------- d-----w- c:\program files\trend micro
2011-10-02 20:43 . 2011-10-02 20:43 -------- d-----w- C:\rsit
2011-09-21 07:35 . 2011-09-21 07:35 4566176 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-21 10:09 . 2011-08-21 10:09 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-03_18.13.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-06 18:32 . 2011-10-06 18:32 16384 c:\windows\temp\Perflib_Perfdata_724.dat
- 2001-10-25 14:00 . 2011-10-03 05:26 71846 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2011-10-06 18:13 71846 c:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2011-10-03 05:26 83306 c:\windows\system32\perfc005.dat
+ 2001-10-25 14:00 . 2011-10-06 18:13 83306 c:\windows\system32\perfc005.dat
+ 2001-10-25 14:00 . 2011-10-06 18:13 443588 c:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2011-10-03 05:26 443588 c:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2011-10-03 05:26 439966 c:\windows\system32\perfh005.dat
+ 2001-10-25 14:00 . 2011-10-06 18:13 439966 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"FixCamera"="c:\windows\FixCamera.exe" [2007-02-12 20480]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" [2006-10-16 202312]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\MiiLan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
PowerReg Scheduler.exe [2008-4-15 256000]
.
c:\documents and settings\MiiLan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
PowerReg Scheduler.exe [2008-4-15 256000]
.
c:\documents and settings\MiiLan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
PowerReg Scheduler.exe [2008-4-15 256000]
.
c:\documents and settings\MiiLan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
PowerReg Scheduler.exe [2008-4-15 256000]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\hra\\vietkonk\\vietcong.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Electronic Arts\\EA Downloader\\Core.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"d:\\hra\\vietkonk\\vcded.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.4.2008 16:53 691696]
S1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [20.9.2007 20:14 114496]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\MiiLan\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\MiiLan\LOCALS~1\Temp\CFcatchme.sys [?]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{793D68D5-2455-4C8B-B60A-AFB44DCD5F4C}: NameServer = 90.183.115.6,90.183.115.11,194.228.2.1,80.79.29.8
FF - ProfilePath - c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-06 20:32
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3468)
c:\windows\system32\browselc.dll
d:\hra\Reader\ActiveX\AcroIEHelper.ocx
c:\program files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-10-06 20:35:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-06 18:35
ComboFix2.txt 2011-10-06 17:53
ComboFix3.txt 2011-10-03 18:15
.
Před spuštěním: 4 520 710 144
Po spuštění: 4 508 037 120
.
- - End Of File - - 3CA202D6598CC5B2DA0351BBAD1D5235
Nahr nˇ probŘhlo ŁspŘçnŘ

Re: virus file

Posted: 06 Oct 2011 19:41
by vyosek
:arrow: It just won't let go, so instead of a little pistol we'll bring out the heavy artillery :x

:arrow: Download Avenger (see my signature)
  • If you use Windows Vista or Windows 7, right-click Avenger and choose Run As Administrator or Spustit jako spravce
  • After launch the program will warn you that everything you do is at your own risk - click OK
  • After confirming, the main window appears; paste in the script given below

    Files to delete:
    c:\documents and settings\MiiLan\Data aplikací\Wnjxjt.exe
    c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    
    Folders to delete:
    c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  • Tick the checkboxes next to Scan for rootkits and Automatically disable any rootkits found
  • Now click Execute and confirm Yes in the following window - this confirms running the script
  • Answer the Reboot now question with OK as well - this restarts the PC
  • After the restart, Notepad should open with the log; paste its contents here. If that doesn't happen, you will find the document in C:\avenger.txt

Re: virus file

Posted: 06 Oct 2011 19:48
by Mari13
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "c:\documents and settings\MiiLan\Data aplikací\Wnjxjt.exe" deleted successfully.

Error: "c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}" is a folder, not a file!
Deletion of file "c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}" failed!
Status: 0xc00000ba (STATUS_FILE_IS_A_DIRECTORY)
--> use "Folders to delete:" instead of "Files to delete:" to delete a directory

Folder "c:\documents and settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Re: virus file

Posted: 06 Oct 2011 20:02
by vyosek
So, the cannon did the job...

How is the PC behaving? :???:

Re: virus file

Posted: 06 Oct 2011 20:58
by Mari13
The PC is OK, but we'll see what it's like when chatting on Facebook - tomorrow. Anyway, I'll let you know. Thank you

Re: virus file

Posted: 07 Oct 2011 08:32
by vyosek
:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: Keep an eye on the PC and report back

Re: virus file

Posted: 15 Oct 2011 13:38
by Mari13
Hi, I'm probably going to repeat myself, but my problem still persists. When chatting on my FB, this keeps following my replies: ;) hehehe! hxxp://www.facebook.com.img041.tk/Photo-292181532.jpeg
Please, how do I get rid of this? It's really starting to annoy me :roll: Thanks for the help, M.

Re: virus file

Posted: 15 Oct 2011 16:24
by vyosek
Hello :)

Please post a new RSIT log

Re: virus file

Posted: 16 Oct 2011 13:30
by Mari13
Logfile of random's system information tool 1.09 (written by random/random)
Run by MiiLan at 2011-10-16 14:30:23
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 5 GB (29%) free of 16 GB
Total RAM: 1023 MB (52% free)

HijackThis download failed

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8312, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npdeployJava1.dll
npnul32.dll
NPOFF12.DLL
ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\extensions\
OberonGameHost@OberonGames.com
radiobar@toolbar
staged-xpis

C:\Documents and Settings\MiiLan\Data aplikací\Mozilla\Firefox\Profiles\cq5d9xie.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - d:\hra\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}]
Ask Search Assistant BHO - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}]
Ask Toolbar BHO - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FE063DB9-4EC0-403e-8DD8-394C54984B2C} - Ask Toolbar - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"=C:\WINDOWS\SiSUSBrg.exe [2002-07-12 106496]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe [2006-10-16 202312]

C:\Documents and Settings\MiiLan\Nabídka Start\Programy\Po spuštění
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PowerReg Scheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\hra\vietkonk\vietcong.exe"="D:\hra\vietkonk\vietcong.exe:*:Enabled:vietcong"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Electronic Arts\EA Downloader\Core.exe"="C:\Program Files\Electronic Arts\EA Downloader\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\hra\vietkonk\vcded.exe"="D:\hra\vietkonk\vcded.exe:*:Enabled:vcded"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"vidc.ffds"=ffdshow.ax
"MSVideo8"=VfWWDM32.dll
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MJPG"=Pvmjpg30.dll
"VIDC.I420"=vdrcodec.dll

======List of files/folders created in the last 1 month======

2011-10-16 14:27:45 ----D---- C:\Program Files\trend micro
2011-10-16 14:27:44 ----D---- C:\rsit
2011-10-16 11:14:38 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\4.exe
2011-10-16 06:21:52 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\3.tmp
2011-10-16 06:21:49 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\2.exe
2011-10-15 13:09:28 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\3.exe
2011-10-15 13:09:23 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\1.exe
2011-10-15 11:15:12 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\134.exe
2011-10-15 11:15:08 ----A---- C:\Documents and Settings\MiiLan\Data aplikací\132.exe
2011-10-14 12:07:08 ----SHD---- C:\RECYCLER
2011-10-06 20:30:57 ----D---- C:\WINDOWS\temp
2011-10-03 20:04:53 ----A---- C:\Boot.bak
2011-10-03 20:04:48 ----RASHD---- C:\cmdcons
2011-10-03 20:02:47 ----D---- C:\Qoobox
2011-10-02 23:42:43 ----RD---- C:\Program Files\Skype

======List of files/folders modified in the last 1 month======

2011-10-16 14:27:45 ----RD---- C:\Program Files
2011-10-16 11:18:26 ----D---- C:\WINDOWS\system32
2011-10-16 11:18:26 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-16 07:16:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-16 06:21:26 ----D---- C:\WINDOWS
2011-10-15 23:18:14 ----D---- C:\Program Files\PokerStars
2011-10-15 13:17:04 ----D---- C:\Program Files\Winamp
2011-10-15 13:16:16 ----D---- C:\WINDOWS\Prefetch
2011-10-15 13:02:42 ----SHD---- C:\System Volume Information
2011-10-15 13:02:27 ----D---- C:\WINDOWS\system32\drivers
2011-10-15 11:29:08 ----D---- C:\Documents and Settings\MiiLan\Data aplikací\AIMP
2011-10-10 22:29:20 ----AC---- C:\WINDOWS\TextSpy.ini
2011-10-06 20:32:58 ----A---- C:\WINDOWS\system.ini
2011-10-06 20:32:42 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-06 20:28:24 ----D---- C:\WINDOWS\AppPatch
2011-10-06 20:28:22 ----D---- C:\Program Files\Common Files
2011-10-06 20:24:03 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-06 16:48:19 ----D---- C:\WINDOWS\system32\config
2011-10-06 16:46:46 ----SD---- C:\WINDOWS\Tasks
2011-10-04 15:31:36 ----D---- C:\Documents and Settings\MiiLan\Data aplikací\Skype
2011-10-04 05:08:09 ----D---- C:\Program Files\Google
2011-10-03 21:37:54 ----D---- C:\WINDOWS\security
2011-10-03 20:04:53 ----RASH---- C:\boot.ini
2011-10-03 18:54:25 ----SHD---- C:\WINDOWS\Installer
2011-10-02 23:42:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-10-02 23:32:01 ----D---- C:\Program Files\Mozilla Firefox
2011-09-22 20:16:13 ----AC---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2004-08-04 46464]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 SISAGP;SiS AGP Filter; C:\WINDOWS\system32\DRIVERS\SISAGPX.sys [2003-02-20 36608]
R0 SiSide;SiSide; C:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; C:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; C:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-11 691696]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 ACEDRV07;ACEDRV07; \??\C:\WINDOWS\system32\drivers\ACEDRV07.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-07-01 733248]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-09-17 9856]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2002-07-10 32256]
S1 prodrv04;Star Force copy protection driver v4; C:\WINDOWS\System32\drivers\prodrv04.sys [2007-09-20 114496]
S3 a4v90k7l;a4v90k7l; C:\WINDOWS\system32\drivers\a4v90k7l.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CFcatchme;CFcatchme; \??\C:\DOCUME~1\MiiLan\LOCALS~1\Temp\CFcatchme.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: virus file

Posted: 16 Oct 2011 15:44
by vyosek
I'd also like to ask for a log from HJT; for some reason RSIT did not download it afterwards...

HJT guide: http://viry.cz/forum/viewtopic.php?f=24&t=2230 - of course, only the part about creating the log concerns you - leave the analysis and the subsequent deletion to me :)

Re: virus file

Posted: 16 Oct 2011 21:35
by Mari13
Hello, the HJT link cannot be opened.

Re: virus file

Posted: 17 Oct 2011 06:39
by vyosek