Kontrola logu

Zpráva

poverrr · #16 Příspěvek od **poverrr** » 21 lis 2012 19:35

smazano, zde je nový log

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.21.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
max :: DATIS-E13D97E4F [administrátor]

Ochrana: Povolena

21.11.2012 15:47
mbam-log-2012-11-21 (15-47-00).txt

Typ: Úplná kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 358660
Uplynulý čas: 3 hodin, 34 minut, 10 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FD31ED6-7C94-4BBC-8E95-F927F4D3A949} (Adware.180Solutions) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\VAV (Rogue.VistaAntiVirus2008) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#17 Příspěvek od **vyosek** » 21 lis 2012 21:15

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - File not found [Auto | Stopped] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - File not found [Disabled | Stopped] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (rkhdrv40)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\max\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adusbser.sys -- (adusbser)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\adusbnet.sys -- (adusbnet)
DRV - [2007.09.24 15:31:29 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2007.09.24 15:31:28 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv)
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60446
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\SearchScopes\{F05AD504-D77B-44DA-9F48-FCCB94A25010}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.defaultthis.engineName: "BS Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..keyword.URL: "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="
FF - prefs.js..network.proxy.type: 4
[2011.05.08 04:09:47 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\extensions\vshare@toolbar
[2010.01.20 12:13:52 | 000,000,921 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\conduit.xml
[2012.06.19 00:34:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-1.xml
[2009.08.05 04:59:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-10.xml
[2009.11.25 19:10:24 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-11.xml
[2010.01.08 18:30:08 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-12.xml
[2010.02.18 14:46:23 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-13.xml
[2010.02.18 15:18:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-14.xml
[2010.02.18 16:24:06 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-15.xml
[2010.02.19 07:52:48 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-16.xml
[2010.03.24 22:22:59 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-17.xml
[2010.04.02 19:34:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-18.xml
[2010.06.24 21:20:40 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-19.xml
[2009.04.23 12:09:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-2.xml
[2010.06.25 15:23:31 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-20.xml
[2010.06.25 22:15:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-21.xml
[2010.07.23 17:10:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-22.xml
[2010.07.24 04:19:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-23.xml
[2010.09.09 19:10:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-24.xml
[2010.09.17 02:46:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-25.xml
[2010.09.18 18:59:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-26.xml
[2010.09.18 22:38:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-27.xml
[2010.09.18 23:12:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-28.xml
[2010.09.19 08:40:00 | 000,000,656 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-29.xml
[2009.04.29 01:48:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-3.xml
[2009.05.01 11:53:41 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-4.xml
[2009.06.13 14:37:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-5.xml
[2009.07.01 02:21:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-6.xml
[2009.08.05 02:01:10 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-7.xml
[2009.08.05 02:34:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-8.xml
[2009.08.05 04:42:48 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin-9.xml
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\icqplugin.xml
[2011.05.08 04:07:45 | 000,001,583 | ---- | M] () -- C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\web-search.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{097D3191-E6FA-4728-9826-B533D755359D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{446C03E0-2C35-11DB-A98B-0800200C9A67}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{6E764C17-863A-450F-BDD0-6772BD5AAA18}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{7E7165E2-0767-448C-852F-5FA8714F2C37}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\{F68DF430-4534-4473-8CA4-D5DE32268A8D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\CS@DICTIONARIES.ADDONS.MOZILLA.ORG
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\FIREFOX@TVUNETWORKS.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MAX\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5SAXBF63.DEFAULT\EXTENSIONS\VSHARE@TOOLBAR
CHR - default_search_provider: ICQ Search (Enabled)
CHR - default_search_provider: search_url = http://search.icq.com/search/results/?q={searchTerms}&ch_id=icq-fx-plug
CHR - default_search_provider: suggest_url = ,
O3 - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-861567501-1801674531-839522115-1004\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mv9VCM.CAB (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{0a041424-c381-11e1-a28c-0016cfacc36a}\Shell - "" = AutoRun
O33 - MountPoints2\{39c04de8-b37c-11df-9f1d-0016cfacc36a}\Shell - "" = AutoRun
O33 - MountPoints2\{39c04de9-b37c-11df-9f1d-0016cfacc36a}\Shell - "" = AutoRun
O33 - MountPoints2\{879e2636-b398-11df-9f1f-b93437b37594}\Shell - "" = AutoRun
[2012.11.20 18:25:33 | 097,495,576 | ---- | C] () -- C:\Documents and Settings\max\Plocha\avast_free_antivirus_setup.exe
[2009.11.22 11:51:21 | 000,002,516 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2009.11.22 11:51:21 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\46B445B147.sys
[2008.08.02 23:57:28 | 000,015,360 | -HS- | C] () -- C:\Documents and Settings\max\SetupDL.exe
[2007.12.04 12:45:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\max\Data aplikací\ICQ Toolbar
[11 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\*.tmp files -> C:\WINDOWS\$hf_mig$\KB960859\SP3QFE\*.tmp -> ]
[25 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[41 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[7 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\CatRoot\*.tmp files -> C:\WINDOWS\system32\CatRoot\*.tmp -> ]
[2012.11.21 11:53:12 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.11.19 22:54:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2012.11.20 18:50:14 | 000,000,310 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.11.18 02:19:03 | 000,000,354 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job
[2012.11.21 11:39:03 | 000,000,966 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1801674531-839522115-1004Core.job
[2012.11.21 11:39:06 | 000,001,018 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1801674531-839522115-1004UA.job
[2012.11.19 17:49:42 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1801674531-839522115-1004.job
[2012.11.18 17:21:06 | 000,000,282 | ---- | M] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1801674531-839522115-1004.job
[2012.11.20 14:05:44 | 000,000,462 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1A8E0A58-0E0F-44CE-B9CC-BC465E3B5C97}.job
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:820563D3

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateReminder"=-
"QuickTime Task"=-
"Adobe ARM"=-
"ISUSPM Startup"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=-
"Google Update"=-
"Chronograph"=-

:files
C:\Program Files\Eset
C:\Program Files\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

poverrr · #18 Příspěvek od **poverrr** » 22 lis 2012 16:42

postupoval jsem podle vašich pokynu, vložil jsem skript do OTL a dal opravit po 6ti hodinách bylo ve spod OTL ...Proces killing dalši hodinu porad to same...po 8 hodinách jsem na tvrdo restnul ntb....ten proces opravy trvá tak dlouho ?

poverrr · #19 Příspěvek od **poverrr** » 22 lis 2012 17:22

pokus č.2

tentokrát oprava probehla behem cca 1 minuty, po ukoncení opravy naskočilo okenko s restartem dal jsem ok ...nic se nedelo, tak jsem zadal restart pres nabidku START, log jsem nikde nenašel

#20 Příspěvek od **vyosek** » 22 lis 2012 22:23

Dejte mi prosim novy log z RSIT

poverrr · #21 Příspěvek od **poverrr** » 22 lis 2012 22:42

Logfile of random's system information tool 1.09 (written by random/random)
Run by max at 2012-11-22 22:41:05
Microsoft Windows XP Home Edition
System drive C: has 41 GB (53%) free of 76 GB
Total RAM: 2038 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:41, on 22.11.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Mouse Driver\KMWDSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\DOCUME~1\max\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe
C:\Program Files\O2\O2CZ\EMMSN.exe
C:\Program Files\O2\Nori\Nori.exe
C:\Documents and Settings\max\Plocha\RSIT.exe
C:\Program Files\trend micro\max.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [UpdateReminder] C:\Program Files\Eset\UpdateReminder.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\max\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Chronograph] "C:\Program Files\Chronograph\chrono.exe" /autorun
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.vexcast.com/download/vexcast.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pop
O17 - HKLM\Software\..\Telephony: DomainName = pop
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0C354D4-A8AB-4561-9D26-7CBE9F811CAA}: NameServer = 160.218.167.5 160.218.161.60
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pop
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O24 - Desktop Component 0: (no name) - http://www.afterwork.cz/eshop/_fotog.ph ... mala_1.jpg
O24 - Desktop Component 1: (no name) - file:///C:/DOCUME~1/max/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 11411 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Driver Fetch.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1801674531-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1801674531-839522115-1004UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1801674531-839522115-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1801674531-839522115-1004.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{1A8E0A58-0E0F-44CE-B9CC-BC465E3B5C97}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.com/"
prefs.js - "extensions.enabledItems" - "{446c03e0-2c35-11db-a98b-0800200c9a67}:0.5, {f68df430-4534-4473-8ca4-d5de32268a8d}:3.6, {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1, {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {7E7165E2-0767-448c-852F-5FA8714F2C37}:1.1.3, firefox@tvunetworks.com:2, 5, 3, 1, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.7, cs@dictionaries.addons.mozilla.org:1.0.2, {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, vshare@toolbar:1.0.0, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33, {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35, {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}:6.0.37, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://vshare.toolbarhome.com/search.aspx?srch=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.16]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pages.tvunetworks.com/WebPlayer]
"Description"=TVU Web Player Plugin
"Path"=C:\Program Files\TVUPlayer\npTVUAx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\extensions\
cs@dictionaries.addons.mozilla(2).org
cs@dictionaries.addons.mozilla.org
firefox@ghostery(2).com
firefox@tvunetworks.com
staged-xpis
vshare@toolbar
{097d3191-e6fa-4728-9826-b533d755359d}
{097d3191-e6fa-4728-9826-b533d755359d}(2)
{097d3191-e6fa-4728-9826-b533d755359d}(3)
{20a82645-c095-46ed-80e3-08825760534b}
{446c03e0-2c35-11db-a98b-0800200c9a67}
{6e764c17-863a-450f-bdd0-6772bd5aaa18}
{6e84150a-d526-41f1-a480-a67d3fed910d}
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{7E7165E2-0767-448c-852F-5FA8714F2C37}
{800b5000-a755-47e1-992b-48a1c1357f07}
{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
{9AA46F4F-4DC7-4c06-97AF-5035170634FE}(2)
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{f68df430-4534-4473-8ca4-d5de32268a8d}

C:\Documents and Settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-05 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADECBED6-0366-4377-A739-E69DFBA04663}]
Catcher Class - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll [2007-12-05 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-05 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-07-27 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-07-27 491520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2007-03-06 212992]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-17 2879488]
"UpdateReminder"=C:\Program Files\Eset\UpdateReminder.exe []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\max\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-03-09 136176]
"Chronograph"=C:\Program Files\Chronograph\chrono.exe /autorun []

C:\Documents and Settings\max\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
C:\WINDOWS\system32\wlnotify.dll [2008-04-14 92672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINDOWS\system32\wlnotify.dll [2008-04-14 92672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
C:\WINDOWS\system32\wlnotify.dll [2008-04-14 92672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
C:\WINDOWS\system32\wlnotify.dll [2008-04-14 92672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll [2008-04-14 19456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08 8466944]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll [2012-06-08 8466944]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SRService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\termservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdtcp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdpipe.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SRService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpwd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpcdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\Chronograph\chrono.exe"="C:\Program Files\Chronograph\chrono.exe:*:Enabled:Chronograph"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.WMV3"=wmv9vcm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"vidc.CSCD"=camcodec.dll

======List of files/folders created in the last 1 month======

2012-11-22 09:54:16 ----D---- C:\_OTL
2012-11-21 15:35:35 ----D---- C:\Documents and Settings\max\Data aplikací\Malwarebytes
2012-11-21 15:34:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-11-21 15:34:47 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-11-21 15:34:46 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-11-20 18:50:21 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-11-20 18:50:20 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-11-20 18:50:17 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-11-20 18:50:16 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-11-20 18:50:15 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-11-20 18:50:13 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-11-20 18:50:13 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-11-20 18:50:11 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-11-20 18:49:10 ----A---- C:\WINDOWS\avastSS.scr
2012-11-20 18:49:09 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-11-20 18:48:32 ----D---- C:\Program Files\AVAST Software
2012-11-20 18:48:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-11-20 14:41:19 ----D---- C:\rsit
2012-11-15 03:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2012-11-15 03:50:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$
2012-11-05 21:39:53 ----A---- C:\WINDOWS\system32\javaws.exe
2012-11-05 21:39:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-11-05 21:39:40 ----A---- C:\WINDOWS\system32\javaw.exe
2012-11-05 21:39:40 ----A---- C:\WINDOWS\system32\java.exe
2012-10-23 20:09:06 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of files/folders modified in the last 1 month======

2012-11-22 22:41:10 ----D---- C:\Program Files\trend micro
2012-11-22 22:39:53 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2012-11-22 21:17:06 ----D---- C:\WINDOWS\temp
2012-11-22 17:14:57 ----D---- C:\WINDOWS\Prefetch
2012-11-22 17:13:51 ----D---- C:\Program Files
2012-11-22 17:12:56 ----SHD---- C:\WINDOWS\Installer
2012-11-22 17:10:54 ----D---- C:\WINDOWS
2012-11-22 17:08:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-11-22 17:07:22 ----D---- C:\WINDOWS\system32\drivers\etc
2012-11-22 17:07:17 ----D---- C:\WINDOWS\system32\CatRoot
2012-11-22 17:07:17 ----D---- C:\WINDOWS\system32
2012-11-22 17:07:05 ----D---- C:\WINDOWS\system32\drivers
2012-11-22 09:54:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-11-20 18:50:14 ----SD---- C:\WINDOWS\Tasks
2012-11-20 18:49:51 ----D---- C:\WINDOWS\WinSxS
2012-11-15 04:50:25 ----RSD---- C:\WINDOWS\assembly
2012-11-15 04:46:54 ----D---- C:\WINDOWS\Microsoft.NET
2012-11-15 04:06:51 ----A---- C:\WINDOWS\system32\MRT.exe
2012-11-15 03:57:30 ----D---- C:\WINDOWS\inf
2012-11-15 03:56:00 ----DC---- C:\WINDOWS\system32\dllcache
2012-11-15 03:51:56 ----A---- C:\WINDOWS\imsins.BAK
2012-11-14 06:37:48 ----D---- C:\WINDOWS\$hf_mig$
2012-11-13 08:11:52 ----D---- C:\WINDOWS\system32\CatRoot2
2012-11-07 04:25:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2012-11-07 04:24:56 ----D---- C:\Documents and Settings\max\Data aplikací\Real
2012-11-05 21:40:38 ----D---- C:\Program Files\Common Files\Java
2012-11-05 21:38:52 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-11-05 21:38:51 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-11-05 21:38:36 ----D---- C:\Program Files\Java
2012-10-24 02:04:51 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2012-10-23 20:05:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;Microsoft ACPI Driver; C:\WINDOWS\system32\DRIVERS\ACPI.sys [2008-04-14 188288]
R0 atapi;Standardní řadič disku IDE/ESDI; C:\WINDOWS\system32\DRIVERS\atapi.sys [2008-04-13 96512]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2004-08-25 28591]
R0 Compbatt;Microsoft Composite Battery Driver; C:\WINDOWS\system32\DRIVERS\compbatt.sys [2008-04-13 10240]
R0 Disk;Ovladač disku; C:\WINDOWS\system32\DRIVERS\disk.sys [2008-04-13 36352]
R0 FltMgr;FltMgr; C:\WINDOWS\system32\drivers\fltmgr.sys [2008-04-13 129792]
R0 Ftdisk;Ovladač správce svazků; C:\WINDOWS\system32\DRIVERS\ftdisk.sys [2004-08-18 125184]
R0 isapnp;Řadič Plug and Play sběrnice ISA/EISA; C:\WINDOWS\system32\DRIVERS\isapnp.sys [2008-04-14 37248]
R0 KSecDD;KSecDD; C:\WINDOWS\system32\drivers\KSecDD.sys [2009-06-24 92928]
R0 MountMgr;Správce připojovacích bodů; C:\WINDOWS\system32\drivers\MountMgr.sys [2008-04-13 42368]
R0 Mup;Služba Multiple UNC Provider; C:\WINDOWS\system32\drivers\Mup.sys [2011-04-21 105472]
R0 NDIS;Systémový ovladač NDIS; C:\WINDOWS\system32\drivers\NDIS.sys [2008-04-13 182656]
R0 PartMgr;Správce oddílů; C:\WINDOWS\system32\drivers\PartMgr.sys [2008-04-13 19712]
R0 PCI;Řadič sběrnice PCI; C:\WINDOWS\system32\DRIVERS\pci.sys [2008-04-14 68736]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
R0 VolSnap;VolSnap; C:\WINDOWS\system32\drivers\VolSnap.sys [2008-04-14 52480]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MUsbFltr;WayTechMUSBFilterDriver; C:\WINDOWS\system32\drivers\MUsbFltr.sys [2004-12-15 8704]
R1 RDPCDD;RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [2004-08-18 4224]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 TermDD;Ovladač terminálového zařízení; C:\WINDOWS\system32\DRIVERS\termdd.sys [2008-04-14 40840]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-22 19200]
R1 UsbFltr;WayTechMUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2005-02-21 8960]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2003-10-10 19712]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2004-08-11 10579]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-06-16 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-06-16 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-06-16 74752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 HTTP;Služba HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [2009-10-20 265728]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2010-10-08 25856]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 73216]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2010-12-24 193792]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MRxDAV;Přesměrovač klienta WebDav; C:\WINDOWS\system32\DRIVERS\mrxdav.sys [2008-04-13 180608]
R3 mssmbios;Ovladač Microsoft System Management BIOS; C:\WINDOWS\system32\DRIVERS\mssmbios.sys [2008-04-13 15488]
R3 PSched;Plánovač paketů technologie QoS; C:\WINDOWS\system32\DRIVERS\psched.sys [2008-04-13 69120]
R3 RasPppoe;Remote Access PPPOE Driver; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2008-04-13 41472]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2004-08-11 81416]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 i2omgmt;i2omgmt; C:\WINDOWS\system32\drivers\i2omgmt.sys []
S1 Imapi;CD-Burning Filter Driver; C:\WINDOWS\system32\DRIVERS\imapi.sys [2008-04-13 42112]
S1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys []
S2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys []
S3 adusbnet;Anydata USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\adusbnet.sys []
S3 adusbser;Anydata USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys []
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 aec;Microsoft Kernel Acoustic Echo Canceller; C:\WINDOWS\system32\drivers\aec.sys [2008-04-13 142592]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2011-12-08 30312]
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-04-05 546112]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2004-08-25 10804]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\max\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2011-12-08 80184]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\WINDOWS\system32\drivers\drmkaud.sys [2008-04-13 2944]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2010-12-24 235392]
S3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys []
S3 Ip6Fw;Ovladač IPv6 brány firewall systému Windows; C:\WINDOWS\system32\drivers\ip6fw.sys [2008-04-13 36608]
S3 IpwP;IPWireless 3G Network Adapter; C:\WINDOWS\system32\DRIVERS\ipw3gnet.sys [2007-06-12 51040]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2009-01-17 7680]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-06-28 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-06-28 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-06-28 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-06-28 12288]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 PDCOMP;PDCOMP; C:\WINDOWS\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINDOWS\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINDOWS\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINDOWS\system32\drivers\PDRFRAME.sys []
S3 RDPWD;RDPWD; C:\WINDOWS\system32\drivers\RDPWD.sys [2012-07-04 139784]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 Secdrv;Secdrv; C:\WINDOWS\system32\DRIVERS\secdrv.sys [2007-11-13 20480]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 splitter;Microsoft Kernel Audio Splitter; C:\WINDOWS\system32\drivers\splitter.sys [2008-04-13 6272]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2011-12-08 181432]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudobex.sys [2011-12-08 181432]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TDPIPE;TDPIPE; C:\WINDOWS\system32\drivers\TDPIPE.sys [2008-04-14 12040]
S3 TDTCP;TDTCP; C:\WINDOWS\system32\drivers\TDTCP.sys [2008-04-14 21896]
S3 ubi_bus;Ubiquam CDMA2000 Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ubi_bus.sys [2008-06-27 22656]
S3 ubi_flt;Ubiquam CDMA2000 Filter; C:\WINDOWS\system32\DRIVERS\ubi_flt.sys [2008-06-09 3712]
S3 ubi_mdm;Ubiquam CDMA2000 Drivers; C:\WINDOWS\system32\DRIVERS\ubi_mdm.sys [2008-06-27 41984]
S3 ubi_prt;%Ubiquam.Port.ServiceDesc%; C:\WINDOWS\system32\DRIVERS\ubi_prt.sys [2008-08-13 40192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-08-11 60756]
S3 WDICA;WDICA; C:\WINDOWS\system32\drivers\WDICA.sys []
S3 WinUSB;SAMSUNG Android USB Driver; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2009-01-17 104960]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2009-01-17 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2009-01-17 104960]
S4 AliIde;AliIde; C:\WINDOWS\system32\drivers\AliIde.sys []
S4 cbidf2k;cbidf2k; C:\WINDOWS\system32\drivers\cbidf2k.sys [2004-08-18 13952]
S4 CmdIde;CmdIde; C:\WINDOWS\system32\drivers\CmdIde.sys []
S4 dac2w2k;dac2w2k; C:\WINDOWS\system32\drivers\dac2w2k.sys []
S4 dmio;dmio; C:\WINDOWS\System32\drivers\dmio.sys [2008-04-14 153856]
S4 dmload;dmload; C:\WINDOWS\System32\drivers\dmload.sys [2004-08-18 5888]
S4 dpti2o;dpti2o; C:\WINDOWS\system32\drivers\dpti2o.sys []
S4 hpn;hpn; C:\WINDOWS\system32\drivers\hpn.sys []
S4 i2omp;i2omp; C:\WINDOWS\system32\drivers\i2omp.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 perc2;perc2; C:\WINDOWS\system32\drivers\perc2.sys []
S4 perc2hib;perc2hib; C:\WINDOWS\system32\drivers\perc2hib.sys []
S4 ql12160;ql12160; C:\WINDOWS\system32\drivers\ql12160.sys []
S4 ql1280;ql1280; C:\WINDOWS\system32\drivers\ql1280.sys []
S4 sym_u3;sym_u3; C:\WINDOWS\system32\drivers\sym_u3.sys []
S4 TosIde;TosIde; C:\WINDOWS\system32\drivers\TosIde.sys []
S4 ultra;ultra; C:\WINDOWS\system32\drivers\ultra.sys []
S4 ViaIde;ViaIde; C:\WINDOWS\system32\drivers\ViaIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 AudioSrv;Zvuk systému Windows; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CryptSvc;CryptSvc; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 DcomLaunch;Spouštěč procesů serveru DCOM; C:\WINDOWS\system32\svchost -k DcomLaunch []
R2 ERSvc;Error Reporting Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 helpsvc;Nápověda a odborná pomoc; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 HidServ;HID Input Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-11-05 161768]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2007-09-07 204800]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 ShellHWDetection;Rozpoznávání hardwaru; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 srservice;Služba obnovení systému; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 stisvc;Načítání obrázků (WIA); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Themes;Motivy; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WebClient;Webový klient; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2005-11-11 18944]
R2 wscsvc;Centrum zabezpečení; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ALG;Služba brány aplikačního rozhraní; C:\WINDOWS\System32\alg.exe [2008-04-14 44544]
R3 FastUserSwitchingCompatibility;Kompatibilita pro rychlé přepínání uživatelů; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 Nla;Sledování umístění v síti (NLA); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 SSDPSRV;Služba rozpoznávání pomocí protokolu SSDP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 TermService;Terminálová služba; C:\WINDOWS\System32\svchost -k DComLaunch []
R3 WmiApSrv;Adaptér výkonu služby WMI; C:\WINDOWS\system32\wbem\wmiapsrv.exe [2008-04-14 126464]
S2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE []
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 vvdsvc;VJVodClientServices; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-19 250808]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 COMSysApp;Systémové aplikace modelu COM+; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
S3 Dot3svc;Automatická konfigurace pevné sítě; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 EapHost;Služba EAP (Extensible Authentication Protocol); C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-06 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hkmsvc;Služba Správa klíčů a certifikátů stavu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 HTTPFilter;Služba HTTP SSL; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ImapiService;Služba modelu COM pro zápis na disk CD (IMAPI); C:\WINDOWS\system32\imapi.exe [2008-04-14 150528]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 napagent;Agent architektury NAP (Network Access Protection); C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 RDSessMgr;Správce relací nápovědy ke vzdálené ploše; C:\WINDOWS\system32\sessmgr.exe [2008-04-14 141824]
S3 SonicStage Back-End Service;SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe [2007-02-05 112184]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SSScsiSV;SonicStage SCSI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [2007-02-05 75320]
S3 SwPrv;MS Software Shadow Copy Provider; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
S3 upnphost;Hostitel zařízení UPnP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 VSS;Stínová kopie svazku; C:\WINDOWS\System32\vssvc.exe [2008-04-14 290816]
S3 WmdmPmSN;Služba sériového čísla přenosného zařízení; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 xmlprov;Služba pro síťová ustanovení; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#22 Příspěvek od **vyosek** » 22 lis 2012 23:26

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

poverrr · #23 Příspěvek od **poverrr** » 23 lis 2012 14:40

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/23/2012 02:38:53 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\System32\WLTRYSVC.EXE (PID: 1208) [WD-HEUR]
* C:\WINDOWS\System32\bcmwltry.exe (PID: 1220) [WD-HEUR]
* C:\DOCUME~1\max\LOCALS~1\Temp\RtkBtMnt.exe (PID: 3604) [SUP-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t

Program finished at: 11/23/2012 02:40:08 PM
Execution time: 0 hours(s), 1 minute(s), and 14 seconds(s)

poverrr · #24 Příspěvek od **poverrr** » 23 lis 2012 15:24

ComboFix 12-11-22.03 - max 23.11.2012 14:53:18.20.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2038.1445 [GMT 1:00]
Spuštěný z: c:\documents and settings\max\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Eset NOD32 Antivirus 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall Pro *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\system32\Nagasoft
c:\windows\system32\Nagasoft\Codecs\asyncflt.ax
c:\windows\system32\Nagasoft\Codecs\atrc.dll
c:\windows\system32\Nagasoft\Codecs\cook.dll
c:\windows\system32\Nagasoft\Codecs\drvc.dll
c:\windows\system32\Nagasoft\Codecs\raac.dll
c:\windows\system32\Nagasoft\Codecs\RealMediaSplitter.ax
c:\windows\system32\Nagasoft\Codecs\WMFDemux.dll
c:\windows\system32\Nagasoft\GifShower.dll
c:\windows\system32\Nagasoft\vjocx.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_vvdsvc
-------\Legacy_vvdsvc
-------\Service_vvdsvc
-------\Service_vvdsvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-23 do 2012-11-23 )))))))))))))))))))))))))))))))
.
.
2012-11-22 08:54 . 2012-11-22 08:54 -------- d-----w- C:\_OTL
2012-11-21 14:35 . 2012-11-21 14:35 -------- d-----w- c:\documents and settings\max\Data aplikací\Malwarebytes
2012-11-21 14:34 . 2012-11-21 14:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-11-21 14:34 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-21 14:34 . 2012-11-21 14:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-21 10:25 . 2012-11-21 10:25 512 ----a-w- C:\PhysicalMBR.bin
2012-11-20 17:50 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-11-20 17:50 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-11-20 17:50 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-11-20 17:50 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-11-20 17:50 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-11-20 17:50 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-11-20 17:50 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-11-20 17:50 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-11-20 17:49 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2012-11-20 17:49 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-11-20 17:48 . 2012-11-20 17:48 -------- d-----w- c:\program files\AVAST Software
2012-11-20 17:48 . 2012-11-20 17:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-11-20 13:41 . 2012-11-20 13:41 -------- d-----w- C:\rsit
2012-11-06 21:27 . 2012-11-06 21:27 -------- d-----w- c:\documents and settings\max\Local Settings\Data aplikací\Sun
2012-11-05 20:39 . 2012-11-05 20:39 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-19 12:04 . 2012-10-23 19:09 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-19 12:04 . 2012-10-23 19:09 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-05 20:38 . 2007-10-08 20:46 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-05 20:38 . 2012-07-07 14:57 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-11-05 20:38 . 2010-06-08 13:08 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-22 19:57 . 2004-08-18 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04 . 2004-08-18 12:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-28 15:18 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:18 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:18 . 2004-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2007-03-06 212992]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\max\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-5-14 384512]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20.11.2012 18:50 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.11.2012 18:50 361032]
R1 MUsbFltr;WayTechMUSBFilterDriver;c:\windows\system32\drivers\MUsbFltr.sys [13.10.2007 23:19 8704]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [26.5.2009 9:05 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [19.8.2008 22:34 55024]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [22.9.2009 18:33 19200]
R1 UsbFltr;WayTechMUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [13.10.2007 23:19 8960]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.11.2012 18:50 21256]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [7.9.2008 13:10 204800]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21.11.2012 15:34 676936]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [29.2.2012 17:17 25856]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [29.2.2012 17:17 73216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [21.11.2012 15:34 22856]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys --> c:\windows\system32\drivers\nod32drv.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S3 adusbnet;Anydata USB-NDIS miniport;c:\windows\system32\DRIVERS\adusbnet.sys --> c:\windows\system32\DRIVERS\adusbnet.sys [?]
S3 adusbser;Anydata USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [4.2.2012 17:50 30312]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [4.2.2012 17:56 80184]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [29.2.2012 17:17 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [29.2.2012 17:17 235392]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys --> c:\windows\system32\DRIVERS\ewusbfake.sys [?]
S3 IpwP;IPWireless 3G Network Adapter;c:\windows\system32\drivers\ipw3gnet.sys [31.12.2007 20:26 51040]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [4.11.2010 1:13 7680]
S3 rkhdrv40;Rootkit Unhooker Driver; [x]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [19.8.2008 22:34 7408]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [4.2.2012 17:50 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [4.2.2012 17:50 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [4.2.2012 17:50 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [4.2.2012 17:50 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [4.2.2012 17:56 181432]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\drivers\ssudobex.sys [4.2.2012 17:56 181432]
S3 ubi_bus;Ubiquam CDMA2000 Composite Device driver (WDM);c:\windows\system32\drivers\ubi_bus.sys [14.7.2010 15:48 22656]
S3 ubi_flt;Ubiquam CDMA2000 Filter;c:\windows\system32\drivers\ubi_flt.sys [14.7.2010 15:56 3712]
S3 ubi_mdm;Ubiquam CDMA2000 Drivers;c:\windows\system32\drivers\ubi_mdm.sys [14.7.2010 15:56 41984]
S3 ubi_prt;%Ubiquam.Port.ServiceDesc%;c:\windows\system32\drivers\ubi_prt.sys [14.7.2010 15:56 40192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-23 12:04]
.
2012-11-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2012-11-23 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-11-20 22:50]
.
2012-11-18 c:\windows\Tasks\Driver Fetch.job
- c:\program files\Driver Fetch\2.3.0.5\DriverFetch.exe [2010-03-29 08:51]
.
2012-11-23 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1801674531-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 12:27]
.
2012-11-18 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1801674531-839522115-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-07-27 12:27]
.
2012-11-22 c:\windows\Tasks\User_Feed_Synchronization-{1A8E0A58-0E0F-44CE-B9CC-BC465E3B5C97}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
TCP: Interfaces\{B0C354D4-A8AB-4561-9D26-7CBE9F811CAA}: NameServer = 160.218.161.60 194.228.211.33
FF - ProfilePath - c:\documents and settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: !HIDDEN! 2009-08-23 01:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Chronograph - c:\program files\Chronograph\chrono.exe
HKLM-Run-UpdateReminder - c:\program files\Eset\UpdateReminder.exe
AddRemove-Convert Image To PDF_is1 - c:\program files\Softinterface
AddRemove-Labtec USB NumPad for Notebook - c:\windows\ISUN0405.EXE
AddRemove-NOD32 - c:\program files\Eset\Setup\setup.exe
AddRemove-Sada bezdrátového príslušenství Labtec pro prenosný pocítac - c:\windows\ISUN0405.EXE
AddRemove-Wireless Keyboard - c:\windows\IsUn0405.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-23 15:12
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-861567501-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Tiskové agentury\R*\Aktuality]
"Order"=hex:08,00,00,00,02,00,00,00,ea,03,00,00,01,00,00,00,0b,00,00,00,5a,00,
00,00,01,00,00,00,4c,00,32,00,fa,00,00,00,3d,34,16,6e,20,00,41,4b,54,55,4c,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(556)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\System32\BCMLogon.dll
.
- - - - - - - > 'lsass.exe'(612)
c:\windows\system32\imon.dll
.
- - - - - - - > 'explorer.exe'(2316)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\msiexec.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\docume~1\max\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2012-11-23 15:21:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-23 14:20
.
Před spuštěním: Volných bajtů: 42 263 355 392
Po spuštění: Volných bajtů: 42 497 744 896
.
- - End Of File - - BCB832417091F0F5FF2EA2E2B0588642

#25 Příspěvek od **vyosek** » 23 lis 2012 20:47

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

SecCenter::
AV: Eset NOD32 Antivirus 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
{E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

Driver::
nod32drv

Folder::
C:\Program Files\Eset
C:\Program Files\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

File::
c:\windows\system32\drivers\nod32drv.sys
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\AppleSoftwareUpdate.job
c:\windows\Tasks\avast! Emergency Update.job
c:\windows\Tasks\Driver Fetch.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-1801674531-839522115-1004.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-1801674531-839522115-1004.job
c:\windows\Tasks\User_Feed_Synchronization-{1A8E0A58-0E0F-44CE-B9CC-BC465E3B5C97}.job

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"Adobe ARM"=-
"ISUSPM Startup"=-
"SunJavaUpdateSched"=-
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"vvdsvc"=-

NetSvc::
vvdsvc

Firefox::
FF - ProfilePath - c:\documents and settings\max\Data aplikací\Mozilla\Firefox\Profiles\5saxbf63.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - prefs.js: network.proxy.type - 4

RegLock::
[HKEY_USERS\S-1-5-21-861567501-1801674531-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\Tiskové agentury\R*\Aktuality]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

poverrr · #26 Příspěvek od **poverrr** » 24 lis 2012 21:58

nemohu nikde najit NOD ( ani pres start hledat )abych jej vypnul, myslel jsem ze jsou vsechny casti jiz odinstalovanx

#27 Příspěvek od **vyosek** » 24 lis 2012 22:13

Ano, on je tam jen pozustatek, skript jej resi (domaze)...

Hlasku CF odkliknete

poverrr · #28 Příspěvek od **poverrr** » 25 lis 2012 12:48

1. přetáhnu vytvořený CFScript.txt na Combofix

2. proběhne scan

3. počítač se zrestartuje

4. naběhne jen plocha bez ikonek a modrý ráměček od Combofixu s textem "prosím čekejte" ...cekam 5,10,15 hodinu dvě a nic se nedeje. Následne se pokusím ntb zrestartovat, restart nejde kvuli nejake blokaci. Potom vypnu ntb natvrdo po nabehnutí windows na ploše žadny log nenajdu

#29 Příspěvek od **vyosek** » 25 lis 2012 18:32

Dle kolegy aplikujte SecurityCheck

stell píše:Stiahni SecurityCheck
Ulož ho na plochu.
Dvakrát kliknite SecurityCheck.exe a postupujte podľa pokynov na obrazovke .
po skonceni skenu Notepad sa automaticky otvorí s názvom checkup.txt,obsah vloz sem.

poverrr · #30 Příspěvek od **poverrr** » 25 lis 2012 23:26

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Free Antivirus
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
SUPERAntiSpyware Free Edition
Malwarebytes Anti-Malware verze 1.65.1.1000
HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 12
Java(TM) 6 Update 37
Java 7 Update 9
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Adobe Flash Player 11.4.402.287
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (3.6.28) Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C::
````````````````````End of Log``````````````````````

VIRY.CZ

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu