VIRY.CZ

Ja si jej sem vlozim, vynecham cast SnapShot

ComboFix 11-10-06.03 - hynek 06.10.2011 18:49:01.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.588 [GMT 2:00]
Spuštěný z: c:\documents and settings\hynek\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\matej\WINDOWS
C:\DSC02524.JPG
C:\DSC02540.JPG
C:\DSCN2077.jpg
c:\windows\msmqinst.log
c:\windows\unin0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-06 do 2011-10-06 )))))))))))))))))))))))))))))))
.
.
2011-10-06 16:49 . 2011-10-06 16:49 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-06 16:39 . 2011-10-06 16:39 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87064ADE-8B06-475E-BF33-AE15297D064E}\MpKsl294726ca.sys
2011-10-06 16:39 . 2011-10-06 16:39 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87064ADE-8B06-475E-BF33-AE15297D064E}\offreg.dll
2011-10-05 20:16 . 2011-10-05 20:16 -------- d-----w- C:\_OTL
2011-10-05 15:55 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87064ADE-8B06-475E-BF33-AE15297D064E}\mpengine.dll
2011-10-04 19:32 . 2011-10-04 19:32 512 ----a-w- C:\PhysicalMBR.bin
2011-10-04 17:58 . 2011-10-04 17:58 -------- d-sh--w- c:\documents and settings\hynek\IECompatCache
2011-10-04 17:55 . 2011-10-04 17:55 -------- d-sh--w- c:\documents and settings\hynek\PrivacIE
2011-10-04 14:25 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-04 14:18 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-10-04 14:15 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-10-04 14:11 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-10-04 14:08 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-10-04 14:08 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-10-04 13:33 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-10-04 13:33 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-10-02 20:37 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-02 20:26 . 2011-10-02 20:26 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-10-02 20:25 . 2011-10-02 20:26 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-02 20:19 . 2011-10-02 20:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\scripting
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\l2schemas
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\en
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\bits
2011-10-02 18:41 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2011-10-02 18:41 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2011-10-02 18:41 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2011-10-02 18:41 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2011-10-02 18:41 . 2008-04-14 00:11 86016 ------w- c:\windows\system32\mdmxsdk.dll
2011-10-02 18:41 . 2004-08-03 20:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2011-10-02 18:41 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2011-10-02 18:41 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2011-10-02 17:41 . 2011-10-02 17:41 -------- d-sh--w- c:\documents and settings\hynek\IETldCache
2011-10-02 17:33 . 2011-06-23 18:36 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-10-02 17:33 . 2011-06-23 18:36 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-10-02 17:33 . 2011-06-23 18:36 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-10-02 17:33 . 2011-06-23 18:36 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-10-02 17:33 . 2011-06-23 18:36 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-10-02 17:33 . 2011-06-23 18:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-10-02 17:33 . 2011-06-23 18:36 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-10-02 17:32 . 2011-10-02 17:32 -------- dc-h--w- c:\windows\ie8
2011-10-02 17:09 . 2011-10-02 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2011-10-02 16:53 . 2011-10-02 16:53 -------- d-----w- c:\windows\nview
2011-10-02 16:53 . 2008-05-16 12:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2011-10-02 16:52 . 2008-05-16 09:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-10-02 16:52 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-10-02 16:52 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-10-02 16:52 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-10-02 16:52 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-10-02 16:52 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-10-02 16:52 . 2011-10-02 16:52 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-10-02 16:52 . 2011-10-02 16:52 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-10-02 16:52 . 2011-10-02 16:52 -------- d-----w- C:\NVIDIA
2011-09-17 20:31 . 2011-09-17 20:31 -------- d-----w- c:\program files\Plus500
2011-09-09 09:12 . 2011-09-09 09:12 599040 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2006-03-15 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-26 18:53 . 2011-07-26 18:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-26 18:53 . 2008-01-28 13:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-15 13:29 . 2006-03-15 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-10-05 18:07 . 2011-05-31 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 851968]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2005-03-03 479232]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2007-8-24 344064]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2007-3-15 819200]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\temp\\WAP54G-full package-0420\\Setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.3.2007 14:19 639224]
R1 MpKsl294726ca;MpKsl294726ca;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{87064ADE-8B06-475E-BF33-AE15297D064E}\MpKsl294726ca.sys [6.10.2011 18:39 28752]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [28.3.2007 22:47 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [1.5.2006 13:57 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [1.5.2006 13:57 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [1.5.2006 13:58 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);c:\windows\system32\drivers\se31nd5.sys [1.5.2006 13:56 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [1.5.2006 13:59 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);c:\windows\system32\drivers\se31unic.sys [1.5.2006 13:56 90800]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL294726CA
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.100.1
DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} - hxxp://www.vguard.net/myasp/chtIEx.cab
FF - ProfilePath - c:\documents and settings\hynek\Application Data\Mozilla\Firefox\Profiles\yf39my4j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-DivX Codec - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-Image Mapper - c:\grafy\DeIsL1.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-06 18:58
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\DNSAPI.dll
.
- - - - - - - > 'lsass.exe'(812)
c:\program files\Bonjour\mdnsNSP.dll
.
Celkový čas: 2011-10-06 19:01:41
ComboFix-quarantined-files.txt 2011-10-06 17:01
ComboFix2.txt 2009-10-04 11:04
ComboFix3.txt 2009-10-03 16:50
ComboFix4.txt 2009-08-16 14:23
.
Před spuštěním: 50 430 373 888 bytes free
Po spuštění: Volných bajtů: 54 489 075 712
.
Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - D0E90C990352502E8C6ED25B4ABEE5DF

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-

AtJob::

Replicator::

FixCSet::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Zapomněl jsem předem vypnout MS Essentials.

Mám proces zopakovat?

ComboFix 11-10-06.03 - hynek 06.10.2011 20:55:44.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.500 [GMT 2:00]
Spuštěný z: c:\documents and settings\hynek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\hynek\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-06 do 2011-10-06 )))))))))))))))))))))))))))))))
.
.
2011-10-06 19:09 . 2011-10-06 19:09 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0980F0E2-4D84-4AD0-809E-11791800B02A}\MpKsl4e6f7720.sys
2011-10-06 19:09 . 2011-10-06 19:09 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0980F0E2-4D84-4AD0-809E-11791800B02A}\offreg.dll
2011-10-06 18:29 . 2011-10-06 18:29 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0980F0E2-4D84-4AD0-809E-11791800B02A}\MpKsl33030cf2.sys
2011-10-06 18:29 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0980F0E2-4D84-4AD0-809E-11791800B02A}\mpengine.dll
2011-10-06 16:49 . 2011-10-06 16:49 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-05 20:16 . 2011-10-05 20:16 -------- d-----w- C:\_OTL
2011-10-04 19:32 . 2011-10-04 19:32 512 ----a-w- C:\PhysicalMBR.bin
2011-10-04 17:58 . 2011-10-04 17:58 -------- d-sh--w- c:\documents and settings\hynek\IECompatCache
2011-10-04 17:55 . 2011-10-04 17:55 -------- d-sh--w- c:\documents and settings\hynek\PrivacIE
2011-10-04 14:25 . 2011-09-12 14:14 7269712 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-10-04 14:18 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-10-04 14:15 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-10-04 14:11 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-10-04 14:08 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-10-04 14:08 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-10-04 13:33 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-10-04 13:33 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-10-02 20:37 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-02 20:26 . 2011-10-02 20:26 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-10-02 20:25 . 2011-10-02 20:26 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-02 20:19 . 2011-10-02 20:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\scripting
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\l2schemas
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\en
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\bits
2011-10-02 18:41 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2011-10-02 18:41 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2011-10-02 18:41 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2011-10-02 18:41 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2011-10-02 18:41 . 2008-04-14 00:11 86016 ------w- c:\windows\system32\mdmxsdk.dll
2011-10-02 18:41 . 2004-08-03 20:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2011-10-02 18:41 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2011-10-02 18:41 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2011-10-02 17:41 . 2011-10-02 17:41 -------- d-sh--w- c:\documents and settings\hynek\IETldCache
2011-10-02 17:33 . 2011-06-23 18:36 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-10-02 17:33 . 2011-06-23 18:36 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-10-02 17:33 . 2011-06-23 18:36 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-10-02 17:33 . 2011-06-23 18:36 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-10-02 17:33 . 2011-06-23 18:36 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-10-02 17:33 . 2011-06-23 18:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-10-02 17:33 . 2011-06-23 18:36 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-10-02 17:32 . 2011-10-02 17:32 -------- dc-h--w- c:\windows\ie8
2011-10-02 17:09 . 2011-10-02 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2011-10-02 16:53 . 2011-10-02 16:53 -------- d-----w- c:\windows\nview
2011-10-02 16:53 . 2008-05-16 12:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2011-10-02 16:52 . 2008-05-16 09:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-10-02 16:52 . 2003-11-10 16:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-10-02 16:52 . 2003-11-10 16:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-10-02 16:52 . 2003-11-10 16:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-10-02 16:52 . 2003-11-10 16:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-10-02 16:52 . 2003-11-10 16:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-10-02 16:52 . 2011-10-02 16:52 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-10-02 16:52 . 2011-10-02 16:52 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-10-02 16:52 . 2011-10-02 16:52 -------- d-----w- C:\NVIDIA
2011-09-17 20:31 . 2011-09-17 20:31 -------- d-----w- c:\program files\Plus500
2011-09-09 09:12 . 2011-09-09 09:12 599040 -c----w- c:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-09 09:12 . 2006-03-15 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-26 18:53 . 2011-07-26 18:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-26 18:53 . 2008-01-28 13:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-15 13:29 . 2006-03-15 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-10-05 18:07 . 2011-05-31 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 851968]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2005-03-03 479232]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2007-8-24 344064]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2007-3-15 819200]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\temp\\WAP54G-full package-0420\\Setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [17.3.2007 14:19 639224]
R1 MpKsl33030cf2;MpKsl33030cf2;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0980F0E2-4D84-4AD0-809E-11791800B02A}\MpKsl33030cf2.sys [6.10.2011 20:29 28752]
R1 MpKsl4e6f7720;MpKsl4e6f7720;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0980F0E2-4D84-4AD0-809E-11791800B02A}\MpKsl4e6f7720.sys [6.10.2011 21:09 28752]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [28.3.2007 22:47 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [1.5.2006 13:57 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [1.5.2006 13:57 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [1.5.2006 13:58 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);c:\windows\system32\drivers\se31nd5.sys [1.5.2006 13:56 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [1.5.2006 13:59 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);c:\windows\system32\drivers\se31unic.sys [1.5.2006 13:56 90800]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL4E6F7720
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.100.1
DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} - hxxp://www.vguard.net/myasp/chtIEx.cab
FF - ProfilePath - c:\documents and settings\hynek\Application Data\Mozilla\Firefox\Profiles\yf39my4j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-06 21:10
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(808)
c:\program files\Bonjour\mdnsNSP.dll
.
- - - - - - - > 'explorer.exe'(3608)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\brss01a.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Celkový čas: 2011-10-06 21:18:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-06 19:18
ComboFix2.txt 2011-10-06 17:01
ComboFix3.txt 2009-10-04 11:04
ComboFix4.txt 2009-10-03 16:50
ComboFix5.txt 2011-10-06 18:54
.
Před spuštěním: 54 464 806 912 bytes free
Po spuštění: Volných bajtů: 54 439 591 936
.
- - End Of File - - 185E3D0F5C968081674174B3A62C0409

Neni treba, CF provedlo co melo.

Jak se chova PC

Zdá se, že dobře.

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Dejte novy log z RSIT a napiste co PC, ci je vse OK

Myslím, že se ComboFix neodinstaloval.

Proběhl test:
ComboFix 09-10-01.05 - matej 09.10.2011 12:44.8.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.1022.276 [GMT 2:00]
Spuštěný z: c:\documents and settings\matej\Desktop\Uninstall.exe
AV: Microsoft Security Essentials *On-access scanning enabled* (Updated) {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.

((((((((((((((((((((((((( Soubory vytvořené od 2011-09-09 do 2011-10-09 )))))))))))))))))))))))))))))))
.

2011-10-07 08:28 . 2011-10-07 08:28 -------- d-sh--w- c:\documents and settings\matej\PrivacIE
2011-10-06 19:27 . 2011-10-06 19:27 -------- d-sh--w- c:\documents and settings\matej\IETldCache
2011-10-06 16:49 . 2011-10-06 16:49 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2011-10-06 16:46 . 2010-11-07 17:20 208896 ----a-w- c:\windows\MBR.exe
2011-10-05 20:16 . 2011-10-05 20:16 -------- d-----w- C:\_OTL
2011-10-04 19:32 . 2011-10-04 19:32 512 ----a-w- C:\PhysicalMBR.bin
2011-10-04 17:58 . 2011-10-04 17:58 -------- d-sh--w- c:\documents and settings\hynek\IECompatCache
2011-10-04 17:55 . 2011-10-04 17:55 -------- d-sh--w- c:\documents and settings\hynek\PrivacIE
2011-10-04 14:18 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-10-04 14:15 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-10-04 14:11 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-10-04 14:08 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-10-04 14:08 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-10-04 13:33 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-10-04 13:33 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-10-02 20:37 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-02 20:26 . 2011-10-02 20:26 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-10-02 20:25 . 2011-10-02 20:26 -------- d-----w- c:\program files\Microsoft Security Client
2011-10-02 20:19 . 2011-10-02 20:19 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\scripting
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\l2schemas
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\en
2011-10-02 20:01 . 2011-10-02 20:01 -------- d-----w- c:\windows\system32\bits
2011-10-02 18:41 . 2008-04-14 00:12 33792 ------w- c:\windows\system32\mmcperf.exe
2011-10-02 18:41 . 2008-04-14 00:11 397312 ------w- c:\windows\system32\mmcex.dll
2011-10-02 18:41 . 2008-04-14 00:11 184320 ------w- c:\windows\system32\microsoft.managementconsole.dll
2011-10-02 18:41 . 2008-04-14 00:11 106496 ------w- c:\windows\system32\mmcfxcommon.dll
2011-10-02 18:41 . 2008-04-14 00:11 86016 ------w- c:\windows\system32\mdmxsdk.dll
2011-10-02 18:41 . 2004-08-03 20:41 11868 ------w- c:\windows\system32\drivers\mdmxsdk.sys
2011-10-02 18:41 . 2008-04-14 00:11 37376 ------w- c:\windows\system32\l2gpstore.dll
2011-10-02 18:41 . 2008-04-14 00:11 61440 ------w- c:\windows\system32\kmsvc.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdpash.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdnepr.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdiultn.dll
2011-10-02 18:41 . 2008-04-14 00:09 6144 ------w- c:\windows\system32\kbdbhc.dll
2011-10-02 17:41 . 2011-10-02 17:41 -------- d-sh--w- c:\documents and settings\hynek\IETldCache
2011-10-02 17:34 . 2011-10-04 14:38 -------- d-----w- c:\windows\ie8updates
2011-10-02 17:33 . 2011-06-23 18:36 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-10-02 17:33 . 2011-06-23 18:36 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-10-02 17:33 . 2011-06-23 18:36 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-10-02 17:33 . 2011-06-23 18:36 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-10-02 17:33 . 2011-06-23 18:36 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-10-02 17:33 . 2011-06-23 18:36 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-10-02 17:33 . 2011-06-23 18:36 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-10-02 17:32 . 2011-10-02 17:32 -------- dc-h--w- c:\windows\ie8
2011-10-02 17:09 . 2011-10-02 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2011-10-02 16:53 . 2011-10-02 16:53 -------- d-----w- c:\windows\nview
2011-10-02 16:53 . 2008-05-16 12:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2011-10-02 16:52 . 2008-05-16 09:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-10-02 16:52 . 2011-10-02 16:52 -------- d-----w- C:\NVIDIA
2011-09-17 20:31 . 2011-09-17 20:32 -------- d-----w- c:\documents and settings\matej\Local Settings\Application Data\Plus500
2011-09-17 20:31 . 2011-09-17 20:31 -------- d-----w- c:\program files\Plus500

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-06 19:28 . 2007-05-12 06:00 85872 ----a-w- c:\documents and settings\matej\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2011-10-04 17:54 . 2008-07-31 18:49 -------- d-----w- c:\program files\Google
2011-10-04 15:49 . 2009-08-16 10:36 -------- d-----w- c:\program files\trend micro
2011-10-02 20:42 . 2008-11-05 17:56 -------- d-----w- c:\program files\Common Files\Apple
2011-10-02 20:41 . 2009-03-13 19:45 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2011-10-02 20:40 . 2007-03-15 16:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2011-10-02 20:38 . 2007-03-17 22:44 -------- d-----w- c:\program files\Yahoo!
2011-10-02 20:26 . 2007-03-15 13:59 85872 ----a-w- c:\documents and settings\hynek\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2011-09-09 09:12 . 2006-03-15 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-07-26 18:53 . 2011-07-26 18:54 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-15 13:29 . 2006-03-15 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-10-05 18:07 . 2011-05-31 14:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.

((((((((((((((((((((((((((((( SnapShot_2011-10-06_16.58.41 )))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Google Update"="c:\documents and settings\matej\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-15 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 851968]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2005-03-03 479232]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-08-02 577536]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-05-16 1630208]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2007-8-24 344064]
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2007-3-15 819200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\temp\\WAP54G-full package-0420\\Setup.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 MpKsl7fd2796b;MpKsl7fd2796b;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0208DF78-EB0D-41F3-A4AA-E2D5CE858C13}\MpKsl7fd2796b.sys [9.10.2011 11:30 28752]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM);c:\windows\system32\drivers\SE31bus.sys [28.3.2007 22:47 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter;c:\windows\system32\drivers\SE31mdfl.sys [1.5.2006 13:57 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver;c:\windows\system32\drivers\SE31mdm.sys [1.5.2006 13:57 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\SE31mgmt.sys [1.5.2006 13:58 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS);c:\windows\system32\drivers\se31nd5.sys [1.5.2006 13:56 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface;c:\windows\system32\drivers\SE31obex.sys [1.5.2006 13:59 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM);c:\windows\system32\drivers\se31unic.sys [1.5.2006 13:56 90800]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - MPKSL7FD2796B

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6a68349-b2a6-11de-a4ea-0019db21c900}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2011-10-08 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]

2011-10-08 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]

2011-10-08 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
Trusted Zone: vguard.net\www
DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} - hxxp://www.vguard.net/myasp/chtIEx.cab
FF - ProfilePath - c:\documents and settings\matej\Application Data\Mozilla\Firefox\Profiles\a89l7jg0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q=
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\documents and settings\matej\Application Data\Mozilla\Firefox\Profiles\a89l7jg0.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\matej\Local Settings\Application Data\Google\Update\1.3.21.71\npGoogleUpdate3.dll
FF - plugin: c:\picasa 3\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU-Run-EA Core - c:\hry\The sims 3\EADM\Core.exe
HKCU-Run-AdobeBridge - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-09 12:46
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1715567821-507921405-1957994488-1152\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(788)
c:\program files\Bonjour\mdnsNSP.dll

- - - - - - - > 'explorer.exe'(3404)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2011-10-09 12:49
ComboFix-quarantined-files.txt 2011-10-09 10:49
ComboFix2.txt 2011-10-06 19:18
ComboFix3.txt 2011-10-06 17:01
ComboFix4.txt 2009-10-04 11:04
ComboFix5.txt 2011-10-09 10:42

Před spuštěním: 54 026 846 208 bytes free
Po spuštění: Volných bajtů: 54 071 906 304

201 --- E O F --- 2011-10-04 15:20

Pokracujte dale T-Cleanerem a OTC, ti by si s nim meli tez poradit

PC se jeví OK.

Logfile of random's system information tool 1.09 (written by random/random)
Run by hynek at 2011-10-09 22:47:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 58 GB (19%) free of 305 GB
Total RAM: 1022 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:47:32, on 9.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Documents and Settings\hynek\Desktop\RSIT.exe
C:\Program Files\trend micro\hynek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: PDF-XChange Viewer IE-Plugin - {C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F} - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3967921166
O16 - DPF: {D67DB088-70B4-4006-B052-57F614FD3AA8} (ChtIEx Control) - http://www.vguard.net/myasp/chtIEx.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\Software\..\Telephony: DomainName = hb-ware.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hb-ware.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hb-ware.cz
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 6620 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-507921405-1957994488-1152.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-507921405-1957994488-1152.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\hynek\Application Data\Mozilla\Firefox\Profiles\yf39my4j.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.10, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.3, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Picasa 3\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppl3260.dll
nprjplug.dll
nprpjplug.dll

C:\Program Files\Mozilla Firefox\searchplugins\
firmycz.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
mapycz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
zbocz.xml

C:\Documents and Settings\hynek\Application Data\Mozilla\Firefox\Profiles\yf39my4j.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-04-14 386776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5D07EB6-BBCE-4DAE-ACBB-D13A8D28CB1F}]
PDF-XChange Viewer IE-Plugin - C:\Program Files\Tracker Software\PDF-XChange Viewer\pdf-viewer\PDFXCviewIEPlugin.dll [2009-02-21 1098008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-26 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-26 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-04-14 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-04-14 40960]
"ControlCenter2.0"=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2004-07-20 851968]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"pdfFactory Pro Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2005-03-03 479232]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\temp\WAP54G-full package-0420\Setup.exe"="C:\temp\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup Wizard of WAP54G"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"\\Hbwares\Společné\Instal\Hardware\TISKARNY\Belkin - printserver\files\setup.exe"="\\Hbwares\Společné\Instal\Hardware\TISKARNY\Belkin - printserver\files\setup.exe:*:Enabled:setup.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\wincmd\WINCMD32.EXE"="C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit internationale Version, Dateimanager-Ersatz fuer Windows"
"\\Hbwares\Společné\Instal\Hardware\SITOVKY\bezdrát\Linksys WAP54G\Setup Wizard\WAP54G-full package-0420\Setup.exe"="\\Hbwares\Společné\Instal\Hardware\SITOVKY\bezdrát\Linksys WAP54G\Setup Wizard\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup.exe"
"C:\temp\WAP54G-full package-0420\Setup.exe"="C:\temp\WAP54G-full package-0420\Setup.exe:*:Enabled:Setup Wizard of WAP54G"
"C:\ICQ\ICQ6\ICQ.exe"="C:\ICQ\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\QIP\qip\qip.exe"="C:\QIP\qip\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\QIP\qip.exe"="C:\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\matej\Desktop\Commander.exe"="C:\Documents and Settings\matej\Desktop\Commander.exe:*:Enabled:Commander"
"C:\HRY\FM08\fm.exe"="C:\HRY\FM08\fm.exe:*:Enabled:Football Manager 2008"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=vdrcodec.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.DIVX"=DivX.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"VIDC.MJPG"=Pvmjpg21.dll
"VIDC.PIM1"=pclepim1.dll
"vidc.XVID"=xvidvfw.dll
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave"=wdmaud.drv

======File associations======

.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"

======List of files/folders created in the last 1 month======

2011-10-09 22:47:28 ----D---- C:\rsit
2011-10-09 22:43:26 ----D---- C:\Program Files\CCleaner
2011-10-09 22:40:07 ----SHD---- C:\RECYCLER
2011-10-09 12:49:15 ----D---- C:\WINDOWS\temp
2011-10-04 17:20:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-10-04 17:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-10-04 17:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-10-04 17:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-10-04 17:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-10-04 17:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-10-04 17:05:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-10-04 17:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-10-04 17:05:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-10-04 17:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-10-04 17:04:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-10-04 17:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-10-04 17:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-10-04 17:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-10-04 17:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-10-04 17:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-10-04 17:02:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-10-04 17:01:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-10-04 17:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676-v2$
2011-10-04 17:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-10-04 17:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-10-04 17:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-10-04 17:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-10-04 17:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-10-04 17:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-10-04 16:59:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-10-04 16:58:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-10-04 16:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-10-04 16:57:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-10-04 16:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-10-04 16:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-10-04 16:51:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-10-04 16:51:12 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-10-04 16:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-10-04 16:49:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-10-04 16:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-10-04 16:48:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-10-04 16:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-10-04 16:46:14 ----D---- C:\Config.Msi
2011-10-04 16:44:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-10-04 16:42:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-10-04 16:38:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-10-04 16:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-10-04 16:37:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-10-04 16:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-10-04 16:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-10-04 16:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-10-04 16:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-10-04 16:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-10-04 16:35:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-10-04 16:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-10-02 22:37:52 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-10-02 22:25:54 ----D---- C:\Program Files\Microsoft Security Client
2011-10-02 22:19:03 ----D---- C:\WINDOWS\Prefetch
2011-10-02 22:17:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-10-02 22:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-10-02 22:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-10-02 22:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-10-02 22:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-10-02 22:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-10-02 22:16:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-10-02 22:16:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-10-02 22:16:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-10-02 22:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-10-02 22:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2011-10-02 22:16:06 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-10-02 22:15:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-10-02 22:15:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2011-10-02 22:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-10-02 22:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-10-02 22:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-10-02 22:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-10-02 22:15:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-10-02 22:14:59 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-10-02 22:14:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-10-02 22:14:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-10-02 22:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-10-02 22:14:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-10-02 22:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-10-02 22:14:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-10-02 22:14:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-10-02 22:13:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2011-10-02 22:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-10-02 22:13:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-10-02 22:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-10-02 22:13:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2011-10-02 22:13:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2011-10-02 22:13:10 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2011-10-02 22:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-10-02 22:12:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-10-02 22:12:46 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-10-02 22:12:41 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2011-10-02 22:12:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-10-02 22:12:24 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2011-10-02 22:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-10-02 22:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-10-02 22:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-10-02 22:11:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2011-10-02 22:11:42 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2011-10-02 22:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-10-02 22:11:17 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-10-02 22:11:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-10-02 22:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-10-02 22:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-10-02 22:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2011-10-02 22:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2011-10-02 22:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-10-02 22:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2011-10-02 22:10:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2011-10-02 22:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-10-02 22:09:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2011-10-02 22:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-10-02 22:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-10-02 22:09:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-10-02 22:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-10-02 22:09:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-10-02 22:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-10-02 22:08:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2011-10-02 22:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2011-10-02 22:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2011-10-02 22:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-10-02 22:08:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-10-02 22:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-10-02 22:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-10-02 22:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2011-10-02 22:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-10-02 22:07:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2011-10-02 22:07:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2011-10-02 22:07:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-10-02 22:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-10-02 22:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-10-02 22:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2011-10-02 22:07:00 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-10-02 22:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-10-02 22:01:59 ----D---- C:\WINDOWS\system32\scripting
2011-10-02 22:01:59 ----D---- C:\WINDOWS\l2schemas
2011-10-02 22:01:58 ----D---- C:\WINDOWS\system32\en
2011-10-02 22:01:58 ----D---- C:\WINDOWS\system32\bits
2011-10-02 21:55:01 ----D---- C:\WINDOWS\network diagnostic
2011-10-02 21:49:08 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-10-02 20:42:50 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-10-02 20:42:47 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-10-02 20:42:46 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-10-02 20:42:46 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-10-02 20:42:45 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-10-02 20:42:44 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-10-02 20:42:42 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-10-02 20:42:41 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-10-02 20:42:41 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-10-02 20:42:35 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2011-10-02 20:42:32 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2011-10-02 20:42:31 ----N---- C:\WINDOWS\system32\slserv.exe
2011-10-02 20:42:31 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-10-02 20:42:31 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slgen.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-10-02 20:42:30 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-10-02 20:42:30 ----N---- C:\WINDOWS\slrundll.exe
2011-10-02 20:42:28 ----N---- C:\WINDOWS\system32\setupn.exe
2011-10-02 20:42:28 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-10-02 20:42:26 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-10-02 20:42:25 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-10-02 20:42:25 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-10-02 20:42:24 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-10-02 20:42:24 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-10-02 20:42:24 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-10-02 20:42:23 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-10-02 20:42:22 ----N---- C:\WINDOWS\system32\qutil.dll
2011-10-02 20:42:21 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-10-02 20:42:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-10-02 20:42:21 ----N---- C:\WINDOWS\system32\qagent.dll
2011-10-02 20:42:16 ----N---- C:\WINDOWS\system32\onex.dll
2011-10-02 20:42:11 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\napstat.exe
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-10-02 20:42:06 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-10-02 20:42:05 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-10-02 20:42:05 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-10-02 20:42:05 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-10-02 20:42:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-10-02 20:42:03 ----N---- C:\WINDOWS\system32\mssha.dll
2011-10-02 20:41:49 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-10-02 20:41:48 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-10-02 20:41:48 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-10-02 20:41:48 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-10-02 20:41:45 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-10-02 20:41:45 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-10-02 20:41:36 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-10-02 20:41:28 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-10-02 20:41:27 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-10-02 20:40:50 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-10-02 20:40:50 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-10-02 20:40:42 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-10-02 20:40:40 ----N---- C:\WINDOWS\system32\ieencode.dll
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-10-02 20:40:38 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-10-02 20:40:37 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-10-02 20:40:36 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-10-02 20:40:29 ----N---- C:\WINDOWS\system32\faxpatch.exe
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-10-02 20:40:27 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-10-02 20:40:24 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-10-02 20:40:23 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-10-02 20:40:23 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-10-02 20:40:22 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-10-02 20:40:19 ----N---- C:\WINDOWS\system32\credssp.dll
2011-10-02 20:40:16 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-10-02 20:40:14 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-10-02 20:40:13 ----N---- C:\WINDOWS\system32\azroles.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-10-02 20:40:12 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-10-02 20:40:11 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-10-02 20:40:08 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-10-02 20:40:07 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-10-02 20:40:06 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-10-02 20:40:04 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-10-02 19:34:47 ----D---- C:\WINDOWS\ie8updates
2011-10-02 19:33:15 ----D---- C:\WINDOWS\WBEM
2011-10-02 19:32:01 ----HDC---- C:\WINDOWS\ie8
2011-10-02 19:09:26 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2011-10-02 18:53:12 ----D---- C:\WINDOWS\nview
2011-10-02 18:53:12 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-10-02 18:52:57 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-10-02 18:52:46 ----D---- C:\NVIDIA
2011-09-17 22:31:47 ----D---- C:\Program Files\Plus500

======List of files/folders modified in the last 1 month======

2011-10-09 22:47:32 ----D---- C:\Program Files\trend micro
2011-10-09 22:46:04 ----SD---- C:\WINDOWS\Tasks
2011-10-09 22:44:44 ----D---- C:\WINDOWS\Debug
2011-10-09 22:44:44 ----D---- C:\WINDOWS
2011-10-09 22:43:26 ----RD---- C:\Program Files
2011-10-09 22:41:18 ----D---- C:\WINDOWS\Registration
2011-10-09 22:40:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-10-09 22:33:00 ----D---- C:\WINDOWS\Minidump
2011-10-09 22:28:40 ----SHD---- C:\System Volume Information
2011-10-09 22:28:40 ----D---- C:\WINDOWS\system32\Restore
2011-10-09 20:54:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-09 20:53:59 ----SHD---- C:\WINDOWS\CSC
2011-10-09 18:48:19 ----A---- C:\WINDOWS\hpbafd.ini
2011-10-09 18:41:56 ----D---- C:\WINDOWS\security
2011-10-09 12:49:18 ----D---- C:\WINDOWS\system32
2011-10-09 12:49:17 ----D---- C:\WINDOWS\system32\drivers
2011-10-09 12:46:31 ----A---- C:\WINDOWS\system.ini
2011-10-08 13:27:44 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-08 09:35:36 ----A---- C:\WINDOWS\WINCMD.INI
2011-10-06 21:10:22 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-06 21:03:13 ----D---- C:\WINDOWS\AppPatch
2011-10-06 21:03:10 ----D---- C:\Program Files\Common Files
2011-10-05 22:16:56 ----SHD---- C:\WINDOWS\Installer
2011-10-05 20:08:01 ----D---- C:\Program Files\Mozilla Firefox
2011-10-04 19:54:49 ----D---- C:\Program Files\Google
2011-10-04 19:54:49 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2011-10-04 17:48:08 ----HD---- C:\WINDOWS\inf
2011-10-04 17:41:08 ----RSD---- C:\WINDOWS\assembly
2011-10-04 17:31:35 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-04 17:19:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-04 17:18:14 ----D---- C:\WINDOWS\WinSxS
2011-10-04 17:08:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-04 17:08:00 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-04 16:59:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-04 16:44:36 ----D---- C:\Program Files\Movie Maker
2011-10-04 16:37:19 ----A---- C:\WINDOWS\win.ini
2011-10-04 16:36:08 ----D---- C:\Program Files\Internet Explorer
2011-10-04 16:35:12 ----D---- C:\Program Files\Outlook Express
2011-10-02 22:43:05 ----D---- C:\HRY
2011-10-02 22:42:42 ----D---- C:\WINDOWS\system32\appmgmt
2011-10-02 22:42:40 ----D---- C:\Program Files\Common Files\Apple
2011-10-02 22:41:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-10-02 22:40:19 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-02 22:39:28 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-10-02 22:38:41 ----D---- C:\Program Files\Yahoo!
2011-10-02 22:26:13 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2011-10-02 22:18:34 ----D---- C:\WINDOWS\system32\wbem
2011-10-02 22:18:34 ----D---- C:\WINDOWS\system32\Setup
2011-10-02 22:18:34 ----D---- C:\Program Files\Messenger
2011-10-02 22:18:33 ----RSD---- C:\WINDOWS\Fonts
2011-10-02 22:17:38 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-02 22:02:15 ----D---- C:\WINDOWS\system32\inetsrv
2011-10-02 22:02:15 ----D---- C:\WINDOWS\Help
2011-10-02 22:02:14 ----D---- C:\WINDOWS\ime
2011-10-02 22:02:00 ----D---- C:\WINDOWS\system32\usmt
2011-10-02 22:02:00 ----D---- C:\WINDOWS\system32\oobe
2011-10-02 22:02:00 ----D---- C:\WINDOWS\system32\en-US
2011-10-02 22:01:58 ----D---- C:\WINDOWS\PeerNet
2011-10-02 21:57:26 ----D---- C:\WINDOWS\ServicePackFiles
2011-10-02 21:57:16 ----D---- C:\WINDOWS\system32\npp
2011-10-02 21:57:16 ----D---- C:\WINDOWS\mui
2011-10-02 21:57:15 ----D---- C:\WINDOWS\msagent
2011-10-02 21:57:13 ----D---- C:\WINDOWS\srchasst
2011-10-02 21:57:12 ----D---- C:\Program Files\NetMeeting
2011-10-02 21:57:11 ----D---- C:\WINDOWS\system32\Com
2011-10-02 21:57:08 ----D---- C:\Program Files\Windows NT
2011-10-02 21:57:02 ----D---- C:\Program Files\Common Files\System
2011-10-02 21:56:38 ----D---- C:\WINDOWS\system
2011-10-02 21:53:12 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-10-02 21:49:05 ----D---- C:\WINDOWS\ehome
2011-10-02 19:33:09 ----D---- C:\WINDOWS\Media
2011-09-28 22:00:30 ----A---- C:\WINDOWS\system32\MRT.exe
2011-09-21 20:22:18 ----A---- C:\WINDOWS\wcx_ftp.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-01 43872]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-03-17 639224]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 a6phkbir;a6phkbir; C:\WINDOWS\system32\drivers\a6phkbir.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\R:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 SE31bus;Sony Ericsson Device 049 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE31bus.sys [2006-05-01 61600]
S3 SE31mdfl;Sony Ericsson Device 049 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE31mdfl.sys [2006-05-01 9360]
S3 SE31mdm;Sony Ericsson Device 049 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE31mdm.sys [2006-05-01 97184]
S3 SE31mgmt;Sony Ericsson Device 049 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE31mgmt.sys [2006-05-01 88688]
S3 se31nd5;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (NDIS); C:\WINDOWS\system32\DRIVERS\se31nd5.sys [2006-05-01 18704]
S3 SE31obex;Sony Ericsson Device 049 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE31obex.sys [2006-05-01 86560]
S3 se31unic;Sony Ericsson Device 049 USB Ethernet Emulation SEMC49 (WDM); C:\WINDOWS\system32\DRIVERS\se31unic.sys [2006-05-01 90800]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 9360]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 97088]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 88624]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS); C:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 18704]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 86432]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM); C:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 90800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-03-03 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2006-11-06 210432]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Log tez vypada OK

Moc Vám děkuji!

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na rozloucenou vam zahraje nase kapela :guitar:

VIRY.CZ

Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku

Re: Prosím o preventivku