Viruses spread via flash drive

Karel ZYKMUND
Visitor
Posts: 92
Registered: 23 Feb 2008 16:47

Re: Viruses spread via flash drive

#31 Post by Karel ZYKMUND »

Hi, I'm glad you're here :-)

I live in Hodonín and occasionally go to Horňácko too. Where do you live? Maybe we could go for a beer sometime. Maybe we'll find an area where I could be of help to you in turn, and I might have some PC-related work for you at our company :-)

I don't know what serilas is, but it probably isn't something to do with a virus :-)

Here is the log:


DDS (Ver_09-11-24.02) - NTFSx86
Run by User at 13:50:21,31 on út 24.11.2009
Internet Explorer: 8.0.6001.18702
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1302 [GMT 1:00]

AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkCSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\User\Plocha\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyOverride = <local>;
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: WebTransBHO Class: {2db66063-bb98-466a-aa0d-3e7acf5ed853} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Pomocník pro přihlášení ke službě Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: WebTranslator: {bfc32e1d-ee75-4a48-bc60-104e11ee2431} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
mRun: [ATKHOTKEY] "c:\program files\atk hotkey\Hcontrol.exe"
mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMEDIA.EXE
mRun: [Power_Gear] c:\program files\asus\power4 gear\BatteryLife.exe 1
mRun: [ACMON] "c:\program files\asus\splendid\ACMON.exe"
mRun: [ASUS Camera ScreenSaver] c:\windows\ASScrProlog.exe
mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe
mRun: [Wireless Console 2] "c:\program files\wireless console 2\wcourier.exe"
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uExplorerRun: [My Girl] c:\program-files\Services.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {BFC32E1D-EE75-4A48-BC60-104E11EE2431}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdat ... 3778317703
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-5-14 107256]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\common files\abbyy\finereader\9.00\licensing\pe\NetworkLicenseServer.exe [2007-12-6 660768]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-5-14 731840]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-28 55152]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [2008-2-28 24576]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-8-27 92008]
R3 ASNDIS5;ASNDIS5 Protocol Driver;c:\progra~1\atkhot~1\ASNDIS5.SYS [2008-2-28 16269]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [2008-2-28 1260672]
S2 gupdate1c993b08a607838;Služba Google Update (gupdate1c993b08a607838);c:\program files\google\update\GoogleUpdate.exe [2009-2-21 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [2008-2-28 5824]
S3 fsssvc;Windows Live Zabezpečení rodiny;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]

=============== Created Last 30 ================

2009-11-12 20:32:02 0 d-----w- c:\docume~1\user\dataap~1\TeamViewer
2009-11-12 20:31:53 0 d-----w- c:\program files\TeamViewer
2009-11-12 20:30:41 0 d-----w- c:\documents and settings\user\temp
2009-11-11 23:23:04 3417 ----a-w- c:\windows\system32\wbem\Outlook_01ca6325eaf6e30e.mof

==================== Find3M ====================

2009-11-11 23:23:04 441160 ----a-w- c:\windows\system32\perfh005.dat
2009-11-11 23:23:03 84378 ----a-w- c:\windows\system32\perfc005.dat
2009-09-11 14:19:35 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:05:18 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:58:59 916480 ----a-w- c:\windows\system32\wininet.dll
2008-06-18 11:56:55 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008061820080619\index(1).dat
2008-06-18 06:42:51 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008061820080619\index.dat

============= FINISH: 13:50:57,92 ===============

Re: Viruses spread via flash drive

#32 Post by Karel ZYKMUND »

ComboFix 09-11-23.04 - User 24.11.2009 14:32.7.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1451 [GMT 1:00]
Spuštěný z: c:\documents and settings\User\Plocha\abraka.com
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-10-24 do 2009-11-24 )))))))))))))))))))))))))))))))
.

2009-11-24 13:28 . 2009-11-24 13:28 390144 ----a-w- c:\windows\system32\CF28268.exe
2009-11-12 20:31 . 2009-11-18 13:25 -------- d-----w- c:\program files\TeamViewer
2009-11-12 20:30 . 2009-11-12 20:30 -------- d-----w- c:\documents and settings\User\temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-13 14:26 . 2008-06-19 09:19 -------- d-----w- c:\program files\totalcmd
2009-11-12 21:19 . 2008-03-04 21:47 -------- d-----w- c:\program files\Google
2009-11-11 23:23 . 2007-10-29 12:00 441160 ----a-w- c:\windows\system32\perfh005.dat
2009-11-11 23:23 . 2007-10-29 12:00 84378 ----a-w- c:\windows\system32\perfc005.dat
2009-10-20 05:30 . 2009-10-20 05:30 -------- d-----w- c:\program files\TomTom International B.V
2009-10-20 05:29 . 2009-10-20 05:29 -------- d-----w- c:\program files\TomTom HOME 2
2009-10-20 05:26 . 2009-10-20 05:26 -------- d-----w- c:\program files\TomTom DesktopSuite
2009-10-09 11:33 . 2009-10-09 11:33 -------- d-----w- c:\program files\Trend Micro
2009-10-06 12:01 . 2009-10-05 19:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-11 14:19 . 2007-10-29 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-10 12:54 . 2009-10-05 19:26 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 12:53 . 2009-10-05 19:26 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-04 21:05 . 2007-10-29 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 07:58 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2008-06-18 11:56 . 2008-06-18 11:57 32768 --sha-w- c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008061820080619\index(1).dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2006-10-01 139322]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-09 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe 1" [X]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-02-28 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-02-28 33136]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Karel Zikmund\Nabˇdka Start\Programy\Po spuçtŘnˇ\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Acer\\ProjectorGateway\\AcerProjectorGateway.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [28.3.2009 22:18 55152]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [28.2.2008 15:32 24576]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27.8.2009 16:05 92008]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [28.2.2008 15:32 1260672]
S2 gupdate1c993b08a607838;Služba Google Update (gupdate1c993b08a607838);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2009 00:11 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [28.2.2008 15:14 5824]
S3 fsssvc;Windows Live Zabezpečení rodiny;c:\program files\Windows Live\Family Safety\fsssvc.exe [6.2.2009 18:08 533360]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Obsah adresáře 'Naplánované úlohy'

2009-11-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-05-20 17:17]

2009-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

2009-11-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 14:46]

2009-11-24 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:11]

2009-11-24 c:\windows\Tasks\User_Feed_Synchronization-{3607E8A8-277C-41D2-98FA-C4010CC5ACF3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyOverride = <local>;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Explorer_Run-My Girl - c:\program-files\Services.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-24 14:38
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1072)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2896)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-11-24 14:40
ComboFix-quarantined-files.txt 2009-11-24 13:40

Před spuštěním: 872.550.400
Po spuštění: 1.328.693.248

- - End Of File - - C654F5C9177658E1DDF4C3206442206B

Re: Viruses spread via flash drive

#33 Post by Karel ZYKMUND »

Here is the test result:

http://www.virustotal.com/cs/analisis/6 ... 1259076997

I removed the sound in Outlook entirely by unchecking it. I'll try to proceed the same way in other programs where this sound occurs, such as synchronization etc.

Now hopefully all that's left are those hidden files.

My e-mail is karel.zykmund (at) c-box.cz, in case we'd like to exchange contact details :-)

//e-mail edited by riff

Re: Viruses spread via flash drive

#34 Post by Karel ZYKMUND »

Hi, I downloaded it and installed it. I just can't run it, because when I try to start it, it asks me for a license.

Please help me with the procedure.

Re: Viruses spread via flash drive

#35 Post by Karel ZYKMUND »

Hi, in the attachment I'm sending the individual windows as they open one after another. Wherever I click, it leads to the program closing. Maybe I had it installed a very long time ago; it rings a faint bell.
Popis.zip
(36.06 KiB) Downloaded 101 times

Re: Viruses spread via flash drive

#36 Post by Karel ZYKMUND »

Do we have any other options? For example, removing its leftovers so that we can install it again? Or possibly uncovering the hidden files with something else?

Re: Viruses spread via flash drive

#37 Post by Karel ZYKMUND »

Hi, I guess I somehow botched it during installation, because I tried it again and now it works for me.

So, I have it open, but the problem is that in the new version, in the left menu under the Optimizer tab, the System Repair option is missing entirely, and I can't find this option anywhere else. Should I use something else from the menu, or should I try to get hold of an older version somewhere and install it?

Re: Viruses spread via flash drive

#38 Post by Karel ZYKMUND »

So I did everything according to your instructions and restarted at the end. However, the problem still persists and the hidden folders cannot be unhidden.

Re: Viruses spread via flash drive

#39 Post by Karel ZYKMUND »

Hi, since I don't know of another flash drive that would have the same problem with hidden files after being infected by a Trojan horse, I at least tried the following:

I tried my flash drive in another PC, my assistant's, and it behaves exactly the same: I cannot uncheck the "hide folder" option in its properties. So only those folders that were infected by the virus behave this way, and that is how they behave on any PC. After the last use of ComboFix, when we removed the pest it found, I can now set "show hidden files" in Folder Options. That means I can now display the hidden files on the flash drive directly and no longer have to use Total Commander. With that I observed the following phenomenon:

If I select the option to show hidden files and at the same time also the option to show protected operating system files, the hidden files on the flash drive are displayed. But if I select only one of them, nothing is displayed.

From this I conclude that the hidden folders on the flash drive probably carry the attribute of both hidden files and protected operating system files. So I think that if we manage to get the hidden files on the flash drive to stop behaving like protected system files, their hidden-files checkbox would hopefully no longer be inactive, and the problem could thereby be solved.

So let's try to somehow adjust the settings of the folders on the flash drive so that they don't behave like protected system files. :-)
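The observation in post #39, expressed as code (an added example, not part of the original thread): a model of how Explorer's two Folder Options settings combine with the Hidden and System attribute bits, and a scanner that lists items carrying both bits so they can be reset with `attrib`. The function names and the constructed attribute values are assumptions made for this example; real attribute bits are only available when the script runs on Windows.

```python
import os
import stat

HIDDEN = stat.FILE_ATTRIBUTE_HIDDEN   # 0x2
SYSTEM = stat.FILE_ATTRIBUTE_SYSTEM   # 0x4


def explorer_shows(attrs, show_hidden, show_protected):
    """Model of Explorer's listing decision, following the post's observation.

    show_hidden    : "Show hidden files and folders" is selected
    show_protected : "Hide protected operating system files" is unticked
    """
    hidden = bool(attrs & HIDDEN)
    system = bool(attrs & SYSTEM)
    if not hidden:
        return True            # items without the Hidden bit are always listed
    if not show_hidden:
        return False           # Hidden bit set, hidden items not requested
    if system and not show_protected:
        return False           # Hidden+System is treated as a protected OS file
    return True


def visibility_matrix(attrs):
    """Result of explorer_shows for all four combinations of the two settings."""
    return {
        (sh, sp): explorer_shows(attrs, sh, sp)
        for sh in (False, True)
        for sp in (False, True)
    }


def read_attrs(path):
    """Windows attribute bits of path; 0 where the OS does not expose them."""
    st = os.stat(path, follow_symlinks=False)
    return getattr(st, "st_file_attributes", 0)


def find_super_hidden(root, get_attrs=read_attrs):
    """Return sorted paths below root that carry both Hidden and System.

    get_attrs is injectable so the logic can be exercised off Windows.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            attrs = get_attrs(path)
            if attrs & HIDDEN and attrs & SYSTEM:
                findings.append(path)
    return sorted(findings)


def repair_command(path):
    """attrib command line that clears both bits in one call.

    Both switches are needed together: attrib refuses to clear Hidden
    while System is still set, which matches the greyed-out checkbox.
    """
    return f'attrib -s -h "{path}"'


if __name__ == "__main__":
    # Constructed sample: a folder flagged Hidden+System, as described in the post.
    sample = HIDDEN | SYSTEM | stat.FILE_ATTRIBUTE_DIRECTORY
    for (sh, sp), shown in visibility_matrix(sample).items():
        print(f"show_hidden={sh!s:5} show_protected={sp!s:5} -> listed={shown}")
    # On Windows, pass the drive root as the first argument to scan it.
    import sys
    if len(sys.argv) > 1:
        for hit in find_super_hidden(sys.argv[1]):
            print(repair_command(hit))
```

Review the printed `attrib` lines before running them: genuine system items such as `System Volume Information` or `RECYCLER` also carry both bits and should be left as they are.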

Re: Viruses spread via flash drive

#40 Post by Karel ZYKMUND »

It says: Nelze zmýnit atribut - F:/utorun.inf/lpt3.This folder was created by Flash_Disi

When I created a new folder, put all the contents of the hidden folder on the flash drive into it, named it completely identically, copied it to the flash drive and then allowed it to overwrite the original folder, it did not solve the problem. When I did the same, but instead of overwriting the original folder I first deleted the original one and then copied the new modified folder there, the problem was solved. The dictaphone even behaves completely normally and saves recordings to the flash drive into exactly the folders it should. So in this way I could manually repair all the folders that the Trojan reformatted.

Karel ZYKMUND
Visitor
Posts: 92
Registered: 23 Feb 2008 16:47

Re: viruses spread via flash drive

#41 Post by Karel ZYKMUND »

Hi, I see you have a new picture in your profile. I haven't been here for a long time; that snake is very nice :-)

I have this request: since yesterday Outlook has been constantly throwing up a window that asks for confirmation to the network. As soon as I click on the window (it doesn't matter whether Cancel or OK, or whether I close it with the cross), it immediately appears again. The window is so annoying that it is impossible to work in Outlook, and when I close Outlook, the window keeps appearing even after Outlook is closed. I suspect it may be a virus, if only because working on the net has slowed down significantly.

I tried to make a log from RIST, but when I try to run the file an error message appears: RIST.exe is not a valid Win32 application.

Here I am at least sending a log from HijackThis, please check it:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:30, on 8.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\StkCSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Přizpůsobit Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RF Nástrojová lišta - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Uložit formuláře - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplnit formulář - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplnit formulář - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložit - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložit formuláře - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RF Nástrojová lišta - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3778317703
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1c993b08a607838) (gupdate1c993b08a607838) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 14603 bytes

Karel ZYKMUND
Visitor
Posts: 92
Registered: 23 Feb 2008 16:47

Re: viruses spread via flash drive

#42 Post by Karel ZYKMUND »

I also greet you in the year 2010 and wish you many professional and personal successes :-)

We have already solved the problem with the pop-up window; for some reason the password in the email account settings had been overwritten. But even so the PC seems slower to me, so I am just asking for a check whether it is only the full C drive or whether there is some pest here. Thanks :-)

The message is too big, so I will split it into two parts.

Part 1:

DDS (Ver_09-12-01.01) - NTFSx86
Run by User at 17:00:52,78 on pá 08.01.2010
Internet Explorer: 8.0.6001.18702
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1116 [GMT 1:00]

AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\ASScrPro.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
svchost.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\StkCSrv.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\User\plocha\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.cz/
uSearch Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
uDefault_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
mDefault_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mSearch Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
mLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
mSearch Bar = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
uInternet Settings,ProxyOverride = <local>;
uSearchURL,(Default) = hxxp://home.microsoft.com/access/autosearch.asp?p=%s
mSearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
mCustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
uURLSearchHooks: Microsoft Url Search Hook: {cfbfae00-17a6-11d0-99cb-00c04fd64497} - c:\windows\system32\ieframe.dll
mWinlogon: Shell=Explorer.exe
mWinlogon: Userinit=c:\windows\system32\userinit.exe,
mWinlogon: UIHost=logonui.exe
mWinlogon: SFCDisable=0 (0x0)
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: WebTransBHO Class: {2db66063-bb98-466a-aa0d-3e7acf5ed853} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: RoboForm: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Pomocník pro přihlášení ke službě Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
TB: WebTranslator: {bfc32e1d-ee75-4a48-bc60-104e11ee2431} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: &Adresa: {01e04581-4eee-11d0-bfe9-00aa005b4383} - %SystemRoot%\system32\browseui.dll
TB: &Odkazy: {0e5cbf21-d15f-11d0-8301-00aa005b4383} - %SystemRoot%\system32\SHELL32.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
EB: Shell Search Band: {21569614-b795-46b1-85f4-e737a8dc09ad} - %SystemRoot%\system32\browseui.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
EB: File Search Explorer Band: {c4ee31f3-4768-11d2-be5c-00a0c9a83da1} - %SystemRoot%\system32\SHELL32.dll
EB: Favorites Band: {efa24e61-b078-11d0-89e4-00c04fc9e26e} - %SystemRoot%\system32\shdocvw.dll
EB: Pruh aplikace Explorer: {efa24e64-b078-11d0-89e4-00c04fc9e26e} - %SystemRoot%\system32\shdocvw.dll
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ATKHOTKEY] "c:\program files\atk hotkey\Hcontrol.exe"
mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ATKMEDIA] c:\program files\asus\atk media\DMEDIA.EXE
mRun: [Power_Gear] c:\program files\asus\power4 gear\BatteryLife.exe 1
mRun: [ACMON] "c:\program files\asus\splendid\ACMON.exe"
mRun: [ASUS Camera ScreenSaver] c:\windows\ASScrProlog.exe
mRun: [ASUS Screen Saver Protector] c:\windows\ASScrPro.exe
mRun: [Wireless Console 2] "c:\program files\wireless console 2\wcourier.exe"
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\google~1.lnk - c:\program files\google\google calendar sync\GoogleCalendarSync.exe
uPolicies-explorer: NoDriveTypeAutoRun = 323 (0x143)
uPolicies-explorer: NoDriveAutoRun = 67108863 (0x3ffffff)
uPolicies-explorer: NoDrives = 0 (0x0)
uPolicies-system: DisableRegistryTools = 0 (0x0)
mPolicies-explorer: NoDriveAutoRun = 67108863 (0x3ffffff)
mPolicies-explorer: NoDriveTypeAutoRun = 323 (0x143)
mPolicies-explorer: NoDrives = 0 (0x0)
mPolicies-explorer: HonorAutoRunSetting = 1 (0x1)
mPolicies-system: dontdisplaylastusername = 0 (0x0)
mPolicies-system: legalnoticecaption =
mPolicies-system: legalnoticetext =
mPolicies-system: shutdownwithoutlogon = 1 (0x1)
mPolicies-system: undockwithoutlogon = 1 (0x1)
mPolicies-system: DisableRegistryTools = 0 (0x0)
dPolicies-explorer: NoDriveTypeAutoRun = 323 (0x143)
dPolicies-explorer: NoDriveAutoRun = 67108863 (0x3ffffff)
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: WikiKomentáře Google... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {BFC32E1D-EE75-4A48-BC60-104E11EE2431}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\all users\data aplikací\langsoft\WebIE.dll
LSP: %SystemRoot%\system32\mswsock.dll
LSP: %SystemRoot%\system32\rsvpsp.dll
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdat ... 3778317703
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - c:\windows\system32\mscoree.dll
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - c:\windows\system32\mscoree.dll
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - c:\windows\system32\mscoree.dll
Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - c:\windows\system32\urlmon.dll
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - c:\windows\system32\urlmon.dll
Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} -
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office11\MSOXMLMF.DLL
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - c:\windows\system32\mshtml.dll
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - c:\windows\system32\urlmon.dll
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - c:\windows\system32\msvidctl.dll
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - c:\windows\system32\mshtml.dll
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - c:\progra~1\wi1f86~1\messen~1\MSGRAP~1.DLL
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - c:\windows\system32\mshtml.dll
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} -
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - c:\windows\system32\urlmon.dll
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\program files\common files\microsoft shared\information retrieval\MSITSS.DLL
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - c:\program files\common files\system\ole db\MSDAIPP.DLL
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - c:\progra~1\wi1f86~1\messen~1\MSGRAP~1.DLL
Handler: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - c:\progra~1\common~1\micros~1\webcom~1\10\OWC10.DLL
Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - c:\progra~1\common~1\micros~1\webcom~1\11\OWC11.DLL
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - c:\windows\system32\mshtml.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} -
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - c:\windows\system32\msvidctl.dll
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - c:\windows\system32\mshtml.dll
Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - c:\windows\system32\wiascr.dll
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - c:\program files\windows live\mail\mailcomm.dll
Name-Space Handler: mk\* - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - c:\windows\system32\itss.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: crypt32chain - crypt32.dll
Notify: cryptnet - cryptnet.dll
Notify: cscdll - cscdll.dll
Notify: dimsntfy - c:\windows\system32\dimsntfy.dll
Notify: ScCertProp - wlnotify.dll
Notify: Schedule - wlnotify.dll
Notify: sclgntfy - sclgntfy.dll
Notify: SensLogn - WlNotify.dll
Notify: termsrv - wlnotify.dll
Notify: WgaLogon - WgaLogon.dll
Notify: wlballoon - wlnotify.dll
SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\SHELL32.dll
SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\SHELL32.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll
SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - c:\windows\system32\stobject.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - c:\windows\system32\upnpui.dll
STS: Browseui preloader: {438755c2-a8ba-11d1-b96b-00a0c90312e1} - %SystemRoot%\system32\browseui.dll
STS: Proces mezipaměti kategorií součástí: {8c7461ef-2b13-11d2-be35-3078302c2030} - %SystemRoot%\system32\browseui.dll
SEH: URL Exec Hook: {aeb6717e-7e19-11d0-97ee-00c04fd91972} - shell32.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
LSA: Authentication Packages = msv1_0
LSA: Notification Packages = scecli
SubSystems: Windows = basesrv
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
mASetup: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection c:\windows\inf\msnetmtg.inf,NetMtg.Install.PerUser.NT
mASetup: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection c:\windows\inf\msmsgs.inf,BLC.QuietInstall.PerUser
mASetup: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection c:\windows\inf\wmp11.inf,PerUserStub
mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4383} - c:\windows\system32\ie4uinit.exe -BaseSettings
mASetup: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\windows\system32\rundll32.exe c:\windows\system32\mscories.dll,Install
mASetup: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - c:\windows\system32\ieudinit.exe
mASetup: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - c:\windows\inf\unregmp2.exe /ShowWMP
mASetup: >{26923b43-4d38-484f-9b9e-de460746276c} - c:\windows\system32\ie4uinit.exe -UserIconConfig
mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
mASetup: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
mASetup: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

============= SERVICES / DRIVERS ===============

R0 ACPI;Microsoft ACPI Driver;c:\windows\system32\drivers\acpi.sys [2007-10-29 188288]
R0 ACPIEC;Ovladač zabudovaného řadiče Microsoft;c:\windows\system32\drivers\acpiec.sys [2007-10-29 11776]
R0 atapi;Standardní řadič disku IDE/ESDI;c:\windows\system32\drivers\atapi.sys [2007-10-29 96512]
R0 Compbatt;Microsoft Composite Battery Driver;c:\windows\system32\drivers\compbatt.sys [2008-2-28 10240]
R0 Disk;Ovladač disku;c:\windows\system32\drivers\disk.sys [2007-10-29 36352]
R0 dmio;Ovladač správce logických disků;c:\windows\system32\drivers\dmio.sys [2007-10-29 153856]
R0 dmload;dmload;c:\windows\system32\drivers\dmload.sys [2007-10-29 5888]
R0 FltMgr;FltMgr;c:\windows\system32\drivers\fltmgr.sys [2008-2-28 129792]
R0 Ftdisk;Ovladač správce svazků;c:\windows\system32\drivers\ftdisk.sys [2007-10-29 125184]
R0 isapnp;Řadič Plug and Play sběrnice ISA/EISA;c:\windows\system32\drivers\isapnp.sys [2007-10-29 37248]
R0 KSecDD;KSecDD;c:\windows\system32\drivers\ksecdd.sys [2007-10-29 92928]
R0 MountMgr;Správce připojovacích bodů;c:\windows\system32\drivers\mountmgr.sys [2007-10-29 42368]
R0 Mup;Služba Multiple UNC Provider;c:\windows\system32\drivers\mup.sys [2007-10-29 105344]
R0 NDIS;Systémový ovladač NDIS;c:\windows\system32\drivers\ndis.sys [2007-10-29 182656]
R0 PartMgr;Správce oddílů;c:\windows\system32\drivers\partmgr.sys [2007-10-29 19712]
R0 PCI;Řadič sběrnice PCI;c:\windows\system32\drivers\pci.sys [2007-10-29 68736]
R0 PCIIde;PCIIde;c:\windows\system32\drivers\pciide.sys [2007-10-29 3328]
R0 sr;Ovladač filtru Obnovy systému;c:\windows\system32\drivers\sr.sys [2008-2-28 73344]
R0 VolSnap;VolSnap;c:\windows\system32\drivers\volsnap.sys [2007-10-29 52480]
R1 AFD;AFD;c:\windows\system32\drivers\afd.sys [2007-10-29 138496]
R1 Beep;Beep;c:\windows\system32\drivers\beep.sys [2007-10-29 4224]
R1 Cdrom;Ovladač jednotky CD-ROM;c:\windows\system32\drivers\cdrom.sys [2007-10-29 62976]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-5-14 107256]
R1 epfwtdi;epfwtdi;c:\windows\system32\drivers\epfwtdi.sys [2009-5-14 55768]
R1 Fips;Fips;c:\windows\system32\drivers\fips.sys [2007-10-29 44544]
R1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver;c:\windows\system32\drivers\i8042prt.sys [2007-10-29 52096]
R1 Imapi;CD-Burning Filter Driver;c:\windows\system32\drivers\imapi.sys [2007-10-29 42112]
R1 intelppm;Řadič procesoru Intel;c:\windows\system32\drivers\intelppm.sys [2007-10-29 40192]
R1 IPSec;Ovladač IPSEC;c:\windows\system32\drivers\ipsec.sys [2007-10-29 75264]
R1 Kbdclass;Ovladač třídy klávesnic;c:\windows\system32\drivers\kbdclass.sys [2007-10-29 24576]
R1 mnmdd;mnmdd;c:\windows\system32\drivers\mnmdd.sys [2007-10-29 4224]
R1 Mouclass;Ovladač třídy myší;c:\windows\system32\drivers\mouclass.sys [2004-8-17 23040]
R1 MRxSmb;MRXSMB;c:\windows\system32\drivers\mrxsmb.sys [2007-10-29 455296]
R1 Msfs;Msfs;c:\windows\system32\drivers\msfs.sys [2007-10-29 19072]
R1 NetBIOS;Rozhraní NetBIOS;c:\windows\system32\drivers\netbios.sys [2007-10-29 34688]
R1 NetBT;Rozhraní NetBios nad protokolem TCP/IP;c:\windows\system32\drivers\netbt.sys [2007-10-29 162816]
R1 Npfs;Npfs;c:\windows\system32\drivers\npfs.sys [2007-10-29 30848]
R1 Null;Null;c:\windows\system32\drivers\null.sys [2007-10-29 2944]
R1 RasAcd;Ovladač automatického připojení pomocí vzdáleného přístupu;c:\windows\system32\drivers\rasacd.sys [2007-10-29 8832]
R1 Rdbss;Rdbss;c:\windows\system32\drivers\rdbss.sys [2007-10-29 175744]
R1 RDPCDD;RDPCDD;c:\windows\system32\drivers\rdpcdd.sys [2007-10-29 4224]
R1 redbook;Digital CD Audio Playback Filter Driver;c:\windows\system32\drivers\redbook.sys [2008-2-28 58496]
R1 SCDEmu;SCDEmu;c:\windows\system32\drivers\scdemu.sys [2008-11-2 56572]
R1 Tcpip;Ovladač protokolu TCP/IP;c:\windows\system32\drivers\tcpip.sys [2007-10-29 361600]
R1 TermDD;Ovladač terminálového zařízení;c:\windows\system32\drivers\termdd.sys [2008-2-28 40840]
R1 Tosrfcom;Bluetooth RFCOMM;c:\windows\system32\drivers\tosrfcom.sys [2009-12-29 64000]
R1 VgaSave;Řadič zobrazovače VGA;c:\windows\system32\drivers\vga.sys [2007-10-29 20992]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\common files\abbyy\finereader\9.00\licensing\pe\NetworkLicenseServer.exe [2007-12-6 660768]
R2 Apple Mobile Device;Apple Mobile Device;c:\program files\common files\apple\mobile device support\bin\AppleMobileDeviceService.exe [2008-2-18 110592]
R2 Ati HotKey Poller;Ati HotKey Poller;c:\windows\system32\ati2evxx.exe [2007-3-6 446464]
R2 AudioSrv;Zvuk systému Windows;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 BITS;Služba inteligentního přenosu na pozadí (BITS);c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 Bonjour Service;Bonjour Service;c:\program files\bonjour\mDNSResponder.exe [2007-7-24 229376]
R2 Browser;Prohledávání počítačů;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 CryptSvc;CryptSvc;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 DcomLaunch;Spouštěč procesů serveru DCOM;c:\windows\system32\svchost -k dcomlaunch --> c:\windows\system32\svchost -k DcomLaunch [?]
R2 Dhcp;Klient DHCP;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 dmserver;Správce logických disků;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 Dnscache;Klient DNS;c:\windows\system32\svchost.exe -k NetworkService [2007-10-29 14336]
R2 eamon;eamon;c:\windows\system32\drivers\eamon.sys [2009-5-14 114472]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-5-14 731840]
R2 epfw;epfw;c:\windows\system32\drivers\epfw.sys [2009-5-14 133000]
R2 ERSvc;Error Reporting Service;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 Eventlog;Protokol událostí;c:\windows\system32\services.exe [2007-10-29 111104]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-3-28 55152]
R2 ghaio;ghaio;c:\program files\asus\nb probe\spm\ghaio.sys [2008-2-28 20936]
R2 helpsvc;Nápověda a odborná pomoc;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 HidServ;HID Input Service;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 JavaQuickStarterService;Java Quick Starter;c:\program files\java\jre6\bin\jqs.exe [2009-2-26 152984]
R2 lanmanserver;Server;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 lanmanworkstation;Pracovní stanice;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service;c:\program files\common files\lightscribe\LSSrvc.exe [2007-6-28 79136]
R2 LmHosts;Podpora rozhraní NetBIOS nad protokolem TCP/IP;c:\windows\system32\svchost.exe -k LocalService [2007-10-29 14336]
R2 MDM;Machine Debug Manager;c:\program files\common files\microsoft shared\vs7debug\MDM.EXE [2003-6-19 322120]
R2 O&O Defrag;O&O Defrag;c:\windows\system32\oodag.exe [2007-5-11 1050120]
R2 PlugPlay;Plug and Play;c:\windows\system32\services.exe [2007-10-29 111104]
R2 PolicyAgent;Služby IPSEC;c:\windows\system32\lsass.exe [2007-10-29 13312]
R2 ProtectedStorage;Chráněné úložiště;c:\windows\system32\lsass.exe [2007-10-29 13312]
R2 RemoteRegistry;Vzdálený registr;c:\windows\system32\svchost.exe -k LocalService [2007-10-29 14336]
R2 RpcSs;Vzdálené volání procedur (RPC);c:\windows\system32\svchost -k rpcss --> c:\windows\system32\svchost -k rpcss [?]
R2 SamSs;Správce zabezpečení účtů;c:\windows\system32\lsass.exe [2007-10-29 13312]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 seclogon;Secondary Logon;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 SENS;Oznamování systémových událostí;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 SharedAccess;Brána Firewall / Sdílení připojení k Internetu (ICS);c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 ShellHWDetection;Rozpoznávání hardwaru;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 Schedule;Plánovač úloh;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 spmgr;spmgr;c:\program files\asus\nb probe\spm\spmgr.exe [2008-2-28 125496]
R2 Spooler;Zařazování tisku;c:\windows\system32\spoolsv.exe [2007-10-29 57856]
R2 srservice;Služba obnovení systému;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 stisvc;Načítání obrázků (WIA);c:\windows\system32\svchost.exe -k imgsvc [2007-10-29 14336]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [2008-2-28 24576]
R2 Themes;Motivy;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2009-8-27 92008]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;c:\program files\toshiba\bluetooth toshiba stack\TosBtSrv.exe [2007-2-25 125048]
R2 TrkWks;Klient služby sledování distribuovaných propojení;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 UxTuneUp;TuneUp Theme Extension;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 W32Time;Systémový čas;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 WebClient;Webový klient;c:\windows\system32\svchost.exe -k LocalService [2007-10-29 14336]
R2 winmgmt;Služba WMI;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 wscsvc;Centrum zabezpečení;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 wuauserv;Automatické aktualizace;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R2 WZCSVC;Automatická konfigurace bezdrátových zařízení;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 ALG;Služba brány aplikačního rozhraní;c:\windows\system32\alg.exe [2007-10-29 44544]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service;c:\windows\system32\drivers\athw.sys [2008-4-3 1333152]
R3 ASNDIS5;ASNDIS5 Protocol Driver;c:\progra~1\atkhot~1\ASNDIS5.SYS [2008-2-28 16269]
R3 ati2mtag;ati2mtag;c:\windows\system32\drivers\ati2mtag.sys [2007-3-6 1972736]
R3 audstub;Prázdný zvukový ovladač;c:\windows\system32\drivers\audstub.sys [2008-2-28 3072]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver;c:\windows\system32\drivers\cmbatt.sys [2008-2-28 13952]
R3 Epfwndis;Eset Personal Firewall;c:\windows\system32\drivers\epfwndis.sys [2009-5-14 33096]
R3 EventSystem;Systém událostí modelu COM+;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 FastUserSwitchingCompatibility;Kompatibilita pro rychlé přepínání uživatelů;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 Gpc;Obecné třídění paketů;c:\windows\system32\drivers\msgpc.sys [2007-10-29 35072]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio;c:\windows\system32\drivers\hdaudbus.sys [2005-1-7 144384]
R3 HTTP;Služba HTTP;c:\windows\system32\drivers\http.sys [2007-10-29 265728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM);c:\windows\system32\drivers\RtkHDAud.Sys [2008-2-28 4225920]
R3 IpNat;IP Network Address Translator;c:\windows\system32\drivers\ipnat.sys [2007-10-29 152832]
R3 kbfiltr;Keyboard Filter;c:\windows\system32\drivers\kbfiltr.sys [2008-2-28 5632]
R3 kmixer;Směšovač Microsoft Kernel Wave Audio Mixer;c:\windows\system32\drivers\kmixer.sys [2008-2-28 172416]
R3 Modem;Modem;c:\windows\system32\drivers\modem.sys [2004-8-17 30080]
R3 MODEMCSA;Unimodem Streaming Filter Device;c:\windows\system32\drivers\MODEMCSA.sys [2008-2-28 16128]
R3 MRxDAV;Přesměrovač klienta WebDav;c:\windows\system32\drivers\mrxdav.sys [2007-10-29 180608]
R3 MSIServer;Windows Installer;c:\windows\system32\msiexec.exe [2007-10-29 78848]
R3 mssmbios;Ovladač Microsoft System Management BIOS;c:\windows\system32\drivers\mssmbios.sys [2004-8-4 15488]
R3 MTsensor;ATK0100 ACPI UTILITY;c:\windows\system32\drivers\ATKACPI.sys [2008-2-28 5760]
R3 NdisTapi;Ovladač Remote Access NDIS TAPI;c:\windows\system32\drivers\ndistapi.sys [2007-10-29 10112]
R3 Ndisuio;Protokol NDIS uživatelského režimu V/V;c:\windows\system32\drivers\ndisuio.sys [2004-8-4 14592]
R3 NdisWan;Ovladač Remote Access NDIS WAN;c:\windows\system32\drivers\ndiswan.sys [2007-10-29 91520]
R3 NDProxy;Služba NDIS Proxy;c:\windows\system32\drivers\ndproxy.sys [2007-10-29 40576]
R3 Netman;Síťová připojení;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 Nla;Sledování umístění v síti (NLA);c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 PptpMiniport;WAN Miniport (PPTP);c:\windows\system32\drivers\raspptp.sys [2007-10-29 48384]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2007-10-29 69120]
R3 Ptilink;Direct Parallel Link Driver;c:\windows\system32\drivers\ptilink.sys [2007-10-29 17792]
R3 Rasl2tp;WAN Miniport (L2TP);c:\windows\system32\drivers\rasl2tp.sys [2007-10-29 51328]
R3 RasMan;Správce vzdáleného přístupu;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 RasPppoe;Remote Access PPPOE Driver;c:\windows\system32\drivers\raspppoe.sys [2007-10-29 41472]
R3 Raspti;Přímé propojení paralelním kabelem;c:\windows\system32\drivers\raspti.sys [2007-10-29 16512]
R3 rdpdr;Ovladač přesměrovače zařízení terminálového serveru;c:\windows\system32\drivers\rdpdr.sys [2008-2-28 196224]
R3 ROOTMODEM;Microsoft Legacy Modem Driver;c:\windows\system32\drivers\rootmdm.sys [2007-10-29 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver;c:\windows\system32\drivers\Rtnicxp.sys [2008-2-28 83968]
R3 RTSTOR;USB Mass Stroage Device;c:\windows\system32\drivers\RTSTOR.sys [2008-2-28 34816]
R3 smserial;smserial;c:\windows\system32\drivers\smserial.sys [2008-2-28 982272]
R3 Srv;Srv;c:\windows\system32\drivers\srv.sys [2007-10-29 333952]
R3 SSDPSRV;Služba rozpoznávání pomocí protokolu SSDP;c:\windows\system32\svchost.exe -k LocalService [2007-10-29 14336]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [2008-2-28 1260672]
R3 swenum;Softwarový ovladač sběrnice;c:\windows\system32\drivers\swenum.sys [2004-8-3 4352]
R3 SynTP;Synaptics TouchPad Driver;c:\windows\system32\drivers\SynTP.sys [2008-2-28 193088]
R3 sysaudio;Microsoft Kernel System Audio Device;c:\windows\system32\drivers\sysaudio.sys [2008-2-28 60800]
R3 TapiSrv;Telefonní subsystém;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
R3 TermService;Terminálová služba;c:\windows\system32\svchost -k dcomlaunch --> c:\windows\system32\svchost -k DComLaunch [?]
R3 tosporte;Bluetooth COM Port;c:\windows\system32\drivers\tosporte.sys [2009-12-29 41600]
R3 Update;Ovladač aktualizace mikrokódu;c:\windows\system32\drivers\update.sys [2007-10-29 384768]
R3 upnphost;Hostitel zařízení UPnP;c:\windows\system32\svchost.exe -k LocalService [2007-10-29 14336]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0;c:\windows\system32\drivers\usbehci.sys [2007-10-29 30208]
R3 usbhub;Ovladač standardního rozbočovače USB;c:\windows\system32\drivers\usbhub.sys [2007-10-29 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB;c:\windows\system32\drivers\usbohci.sys [2007-10-29 17152]
R3 Wanarp;Ovladač Remote Access IP ARP;c:\windows\system32\drivers\wanarp.sys [2007-10-29 34560]
R3 wdmaud;Microsoft WINMM WDM Audio Compatibility Driver;c:\windows\system32\drivers\wdmaud.sys [2008-2-28 83072]
R3 WmiApSrv;Adaptér výkonu služby WMI;c:\windows\system32\wbem\wmiapsrv.exe [2008-2-28 126464]
R4 Cdfs;Cdfs;c:\windows\system32\drivers\cdfs.sys [2007-10-29 63744]
R4 Ntfs;Ntfs;c:\windows\system32\drivers\ntfs.sys [2007-10-29 574976]

Karel ZYKMUND
Visitor
Visitor
Posts: 92
Registered: 23 Feb 2008 16:47

Re: viruses spread via a flash drive

#43 Post by Karel ZYKMUND »

Part 2

S1 Cdaudio;Cdaudio;c:\windows\system32\drivers\cdaudio.sys [2001-8-17 18688]
S1 Fdc;Fdc;c:\windows\system32\drivers\fdc.sys [2007-10-29 27392]
S1 Flpydisk;Flpydisk;c:\windows\system32\drivers\flpydisk.sys [2007-10-29 20480]
S1 Changer;Changer; [x]
S1 i2omgmt;i2omgmt; [x]
S1 lbrtfdc;lbrtfdc; [x]
S1 PCIDump;PCIDump; [x]
S1 Sfloppy;Sfloppy;c:\windows\system32\drivers\sfloppy.sys [2007-10-29 11392]
S2 gupdate1c993b08a607838;Služba Google Update (gupdate1c993b08a607838);c:\program files\google\update\GoogleUpdate.exe [2009-2-21 133104]
S2 gusvc;Google Software Updater;c:\program files\google\common\google updater\GoogleUpdaterService.exe [2009-5-20 182768]
S2 ParVdm;ParVdm;c:\windows\system32\drivers\parvdm.sys [2007-10-29 6784]
S2 Serial;Serial;c:\windows\system32\drivers\serial.sys [2007-10-29 64256]
S3 aec;Microsoft Kernel Acoustic Echo Canceller;c:\windows\system32\drivers\aec.sys [2008-2-28 142592]
S3 AppMgmt;Správa aplikací;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 AR5211;Atheros Wireless Network Adapter Service;c:\windows\system32\drivers\ar5211.sys [2008-3-23 546976]
S3 aspnet_state;Stavová služba ASP.NET;c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe [2008-7-25 34312]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [2008-2-28 5824]
S3 AsyncMac;Ovladač asynchronních médií připojení RAS;c:\windows\system32\drivers\asyncmac.sys [2007-10-29 14336]
S3 Atmarpc;Protokol ATM ARP Client;c:\windows\system32\drivers\atmarpc.sys [2007-10-29 59904]
S3 catchme;catchme;\??\c:\docume~1\user\locals~1\temp\catchme.sys --> c:\docume~1\user\locals~1\temp\catchme.sys [?]
S3 CCDECODE;Dekodér Closed Caption;c:\windows\system32\drivers\ccdecode.sys [2008-2-28 17024]
S3 CiSvc;Indexing Service;c:\windows\system32\cisvc.exe [2007-10-29 5632]
S3 ClipSrv;Síťová schránka;c:\windows\system32\clipsrv.exe [2007-10-29 33280]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86;c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe [2008-7-25 69632]
S3 COMSysApp;Systémové aplikace modelu COM+;c:\windows\system32\dllhost.exe [2007-10-29 5120]
S3 dmadmin;Služba správy pro Správce logických disků;c:\windows\system32\dmadmin.exe [2007-10-29 225280]
S3 DMusic;Syntezátor Microsoft Kernel DLS;c:\windows\system32\drivers\dmusic.sys [2008-2-28 52864]
S3 Dot3svc;Automatická konfigurace pevné sítě;c:\windows\system32\svchost.exe -k dot3svc [2007-10-29 14336]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler;c:\windows\system32\drivers\drmkaud.sys [2008-2-28 2944]
S3 EapHost;Služba EAP (Extensible Authentication Protocol);c:\windows\system32\svchost.exe -k eapsvcs [2007-10-29 14336]
S3 EhttpSrv;ESET HTTP Server;c:\program files\eset\eset smart security\EHttpSrv.exe [2009-5-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;c:\windows\microsoft.net\framework\v3.0\wpf\PresentationFontCache.exe [2008-7-29 46104]
S3 fsssvc;Windows Live Zabezpečení rodiny;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]
S3 hidusb;Ovladač třídy standardu HID;c:\windows\system32\drivers\hidusb.sys [2007-10-29 10368]
S3 hkmsvc;Služba Správa klíčů a certifikátů stavu;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 HTTPFilter;Služba HTTP SSL;c:\windows\system32\svchost.exe -k HTTPFilter [2007-10-29 14336]
S3 idsvc;Windows CardSpace;c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe [2008-7-29 881664]
S3 ImapiService;Služba modelu COM pro zápis na disk CD (IMAPI);c:\windows\system32\imapi.exe [2007-10-29 150528]
S3 Ip6Fw;Ovladač IPv6 brány firewall systému Windows;c:\windows\system32\drivers\ip6fw.sys [2007-10-29 36608]
S3 IpFilterDriver;IP Traffic Filter Driver;c:\windows\system32\drivers\ipfltdrv.sys [2007-10-29 32896]
S3 IpInIp;IP in IP Tunnel Driver;c:\windows\system32\drivers\ipinip.sys [2007-10-29 20864]
S3 IRENUM;Služba čítače výčtu IR;c:\windows\system32\drivers\irenum.sys [2008-2-28 11264]
S3 mnmsrvc;NetMeeting - Vzdálené sdílení plochy;c:\windows\system32\mnmsrvc.exe [2008-2-28 32768]
S3 mouhid;Ovladač myši standardu HID;c:\windows\system32\drivers\mouhid.sys [2001-10-24 12160]
S3 MSDTC;Koordinátor DTC;c:\windows\system32\msdtc.exe [2008-2-28 6144]
S3 MSKSSRV;Microsoft Streaming Service Proxy;c:\windows\system32\drivers\mskssrv.sys [2008-2-28 7552]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy;c:\windows\system32\drivers\mspclock.sys [2008-2-28 5376]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy;c:\windows\system32\drivers\mspqm.sys [2008-2-28 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;c:\windows\system32\drivers\mstee.sys [2008-2-28 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec;c:\windows\system32\drivers\nabtsfec.sys [2008-2-28 85248]
S3 napagent;Agent architektury NAP (Network Access Protection);c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 NBService;NBService;c:\program files\nero\nero 7\nero backitup\NBService.exe [2007-4-13 792112]
S3 NdisIP;Microsoft TV/Video Connection;c:\windows\system32\drivers\ndisip.sys [2008-2-28 10880]
S3 Netlogon;Přihlašování k síti;c:\windows\system32\lsass.exe [2007-10-29 13312]
S3 NMIndexingService;NMIndexingService;c:\program files\common files\ahead\lib\NMIndexingService.exe [2007-6-1 271920]
S3 NtLmSsp;Zprostředkovatel zabezpečení NT LM;c:\windows\system32\lsass.exe [2007-10-29 13312]
S3 NtmsSvc;Vyměnitelné úložiště;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 NwlnkFlt;IPX Traffic Filter Driver;c:\windows\system32\drivers\nwlnkflt.sys [2007-10-29 12416]
S3 NwlnkFwd;IPX Traffic Forwarder Driver;c:\windows\system32\drivers\nwlnkfwd.sys [2007-10-29 32512]
S3 ose;Office Source Engine;c:\program files\common files\microsoft shared\source engine\OSE.EXE [2003-7-28 89136]
S3 Parport;Parport;c:\windows\system32\drivers\parport.sys [2004-8-17 80000]
S3 PDCOMP;PDCOMP; [x]
S3 PDFRAME;PDFRAME; [x]
S3 PDRELI;PDRELI; [x]
S3 PDRFRAME;PDRFRAME; [x]
S3 RasAuto;Správce automatického připojení pomocí vzdáleného přístupu;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 RDPWD;RDPWD;c:\windows\system32\drivers\rdpwd.sys [2008-2-28 139656]
S3 RDSessMgr;Správce relací nápovědy ke vzdálené ploše;c:\windows\system32\sessmgr.exe [2008-2-28 141824]
S3 RpcLocator;Lokátor vzdáleného volání procedur (RPC);c:\windows\system32\locator.exe [2007-10-29 75264]
S3 RSVP;QoS RSVP;c:\windows\system32\rsvp.exe [2007-10-29 132608]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver;c:\windows\system32\drivers\RTL8139.sys [2008-2-28 20992]
S3 SCardSvr;Smart Card;c:\windows\system32\scardsvr.exe [2007-10-29 97792]
S3 Secdrv;Secdrv;c:\windows\system32\drivers\secdrv.sys [2007-10-29 20480]
S3 SLIP;BDA Slip De-Framer;c:\windows\system32\drivers\slip.sys [2008-2-28 11136]
S3 splitter;Microsoft Kernel Audio Splitter;c:\windows\system32\drivers\splitter.sys [2008-2-28 6272]
S3 streamip;BDA IPSink;c:\windows\system32\drivers\streamip.sys [2008-2-28 15232]
S3 swmidi;Microsoft Kernel GS Wavetable Synthesizer;c:\windows\system32\drivers\swmidi.sys [2008-2-28 56576]
S3 SwPrv;MS Software Shadow Copy Provider;c:\windows\system32\dllhost.exe [2007-10-29 5120]
S3 SysmonLog;Výstrahy a protokolování výkonu;c:\windows\system32\smlogsvc.exe [2007-10-29 90112]
S3 TDPIPE;TDPIPE;c:\windows\system32\drivers\tdpipe.sys [2008-2-28 12040]
S3 TDTCP;TDTCP;c:\windows\system32\drivers\tdtcp.sys [2008-2-28 21896]
S3 toshidpt;Bluetooth HID Port;c:\windows\system32\drivers\Toshidpt.sys [2009-12-29 3712]
S3 tosrfbd;Bluetooth RFBUS;c:\windows\system32\drivers\tosrfbd.sys [2009-12-29 113920]
S3 tosrfbnp;Bluetooth RFBNEP;c:\windows\system32\drivers\tosrfbnp.sys [2009-12-29 36480]
S3 Tosrfhid;Bluetooth RFHID;c:\windows\system32\drivers\Tosrfhid.sys [2009-12-29 73728]
S3 tosrfnds;Bluetooth Personal Area Network;c:\windows\system32\drivers\tosrfnds.sys [2009-12-29 18612]
S3 TosRfSnd;Bluetooth Audio;c:\windows\system32\drivers\TosRfSnd.sys [2009-12-29 53376]
S3 tosrfusb;Bluetooth USB Controller;c:\windows\system32\drivers\tosrfusb.sys [2009-12-29 41856]
S3 UPS;Uninterruptible Power Supply;c:\windows\system32\ups.exe [2007-10-29 18432]
S3 usb_rndisx;Adaptér USB RNDIS;c:\windows\system32\drivers\usb8023x.sys [2008-6-18 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB;c:\windows\system32\drivers\usbccgp.sys [2009-12-15 32128]
S3 usbscan;Ovladač skeneru USB;c:\windows\system32\drivers\usbscan.sys [2009-10-5 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB;c:\windows\system32\drivers\usbstor.sys [2007-10-29 26368]
S3 VSS;Stínová kopie svazku;c:\windows\system32\vssvc.exe [2007-10-29 290816]
S3 wceusbsh;Windows CE USB Serial Host Driver;c:\windows\system32\drivers\wceusbsh.sys [2006-11-6 28672]
S3 WDICA;WDICA; [x]
S3 WmdmPmSN;Služba sériového čísla přenosného zařízení;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 Wmi;Rozšíření ovladače WMI;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing;c:\program files\windows media player\wmpnetwk.exe [2007-1-5 913920]
S3 WSTCODEC;Dálnopisný kodek světového standardu;c:\windows\system32\drivers\wstcodec.sys [2008-2-28 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver;c:\windows\system32\drivers\WudfPf.sys [2006-9-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector;c:\windows\system32\drivers\WudfRd.sys [2006-9-28 82944]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework;c:\windows\system32\svchost.exe -k WudfServiceGroup [2007-10-29 14336]
S3 xmlprov;Služba pro síťová ustanovení;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S4 Abiosdsk;Abiosdsk; [x]
S4 abp480n5;abp480n5; [x]
S4 adpu160m;adpu160m; [x]
S4 Aha154x;Aha154x; [x]
S4 aic78u2;aic78u2; [x]
S4 aic78xx;aic78xx; [x]
S4 Alerter;Výstrahy;c:\windows\system32\svchost.exe -k LocalService [2007-10-29 14336]
S4 AliIde;AliIde; [x]
S4 amsint;amsint; [x]
S4 asc;asc; [x]
S4 asc3350p;asc3350p; [x]
S4 asc3550;asc3550; [x]
S4 Atdisk;Atdisk; [x]
S4 cbidf2k;cbidf2k;c:\windows\system32\drivers\cbidf2k.sys [2007-10-29 13952]
S4 cd20xrnt;cd20xrnt; [x]
S4 CmdIde;CmdIde; [x]
S4 Cpqarray;Cpqarray; [x]
S4 dac960nt;dac960nt; [x]
S4 dmboot;dmboot;c:\windows\system32\drivers\dmboot.sys [2007-10-29 800000]
S4 dpti2o;dpti2o; [x]
S4 Fastfat;Fastfat;c:\windows\system32\drivers\fastfat.sys [2007-10-29 143744]
S4 hpn;hpn; [x]
S4 i2omp;i2omp; [x]
S4 ini910u;ini910u; [x]
S4 IntelIde;IntelIde; [x]
S4 Messenger;Kurýrní služba;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S4 mraid35x;mraid35x; [x]
S4 NetDDE;Služba DDE v síti;c:\windows\system32\netdde.exe [2007-10-29 111616]
S4 NetDDEdsdm;Správce DSDM služby DDE v síti;c:\windows\system32\netdde.exe [2007-10-29 111616]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"c:\windows\microsoft.net\framework\v3.0\windows communication foundation\SMSvcHost.exe" [2008-7-29 132096]
S4 Pcmcia;Pcmcia;c:\windows\system32\drivers\pcmcia.sys [2007-10-29 120064]
S4 perc2;perc2; [x]
S4 perc2hib;perc2hib; [x]
S4 ql1080;ql1080; [x]
S4 Ql10wnt;Ql10wnt; [x]
S4 ql12160;ql12160; [x]
S4 ql1240;ql1240; [x]
S4 ql1280;ql1280; [x]
S4 RemoteAccess;Směrování a vzdálený přístup;c:\windows\system32\svchost.exe -k netsvcs [2007-10-29 14336]
S4 Simbad;Simbad; [x]
S4 Sparrow;Sparrow; [x]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys --> c:\windows\system32\drivers\sptd.sys [?]
S4 sym_hi;sym_hi; [x]
S4 sym_u3;sym_u3; [x]
S4 symc810;symc810; [x]
S4 symc8xx;symc8xx; [x]
S4 TlntSvr;Telnet;c:\windows\system32\tlntsvr.exe [2007-10-29 73728]
S4 TosIde;TosIde; [x]
S4 Udfs;Udfs;c:\windows\system32\drivers\udfs.sys [2007-10-29 66048]
S4 ultra;ultra; [x]
S4 ViaIde;ViaIde; [x]

============== File Associations ===============

batfile="%1" %*
chm.file="%SYSTEMROOT%\hh.exe" %1
cmdfile="%1" %*
comfile="%1" %*
exefile="%1" %*
inffile=%SystemRoot%\System32\NOTEPAD.EXE %1
inifile=%SystemRoot%\System32\NOTEPAD.EXE %1
JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
piffile="%1" %*
regedit=regedit.exe %1
regfile=regedit.exe "%1"
scrfile="%1" /S
txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*

=============== Created Last 30 ================

2010-01-08 12:18:33 0 d-----w- c:\program files\common files\Skype
2010-01-07 21:46:10 0 d-sh--w- c:\documents and settings\user\Recent
2009-12-29 22:16:43 0 ----a-w- c:\windows\tosOBEX.INI
2009-12-29 22:10:11 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-12-29 22:04:18 41856 ----a-w- c:\windows\system32\drivers\tosrfusb.sys
2009-12-29 22:04:17 113920 ----a-w- c:\windows\system32\drivers\tosrfbd.sys
2009-12-29 22:04:15 73728 ----a-w- c:\windows\system32\drivers\Tosrfhid.sys
2009-12-29 22:04:14 3712 ----a-w- c:\windows\system32\drivers\Toshidpt.sys
2009-12-29 22:04:13 36480 ----a-w- c:\windows\system32\drivers\tosrfbnp.sys
2009-12-29 22:04:12 18612 ----a-w- c:\windows\system32\drivers\tosrfnds.sys
2009-12-29 22:04:10 53376 ----a-w- c:\windows\system32\drivers\TosRfSnd.sys
2009-12-29 22:04:09 64000 ----a-w- c:\windows\system32\drivers\tosrfcom.sys
2009-12-29 22:04:07 41600 ----a-w- c:\windows\system32\drivers\tosporte.sys
2009-12-29 22:03:37 0 d-----w- c:\program files\Toshiba
2009-12-15 17:20:32 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-10 08:06:16 0 dc-h--w- c:\windows\$NtUninstallKB970430$
2009-12-10 08:05:48 0 dc-h--w- c:\windows\$NtUninstallKB974318$
2009-12-10 08:04:50 0 dc-h--w- c:\windows\$NtUninstallKB973904$
2009-12-10 08:04:42 0 dc-h--w- c:\windows\$NtUninstallKB974392$
2009-12-10 08:04:32 0 dc-h--w- c:\windows\$NtUninstallKB971737$

==================== Find3M ====================

2010-01-08 16:00:49 69632 ---ha-w- c:\documents and settings\user\NTUSER.DAT.LOG
2010-01-08 12:17:03 13646 ----a-w- c:\windows\system32\wpa.dbl
2010-01-08 08:33:58 1571243 ----a-w- c:\windows\WindowsUpdate.log
2010-01-07 23:23:46 2048 --s-a-w- c:\windows\bootstat.dat
2010-01-07 23:23:41 2145386496 --sha-w- C:\pagefile.sys
2010-01-07 23:23:41 187719 ----a-w- c:\windows\system32\oodbs.lor
2010-01-07 23:22:37 32468 ----a-w- c:\windows\SchedLgU.Txt
2010-01-07 23:22:31 272 --sh--w- c:\documents and settings\user\ntuser.ini
2010-01-07 23:22:31 11812864 ----a-w- c:\documents and settings\user\ntuser.dat
2010-01-06 00:12:41 84378 ----a-w- c:\windows\system32\perfc005.dat
2010-01-06 00:12:41 72494 ----a-w- c:\windows\system32\perfc009.dat
2010-01-06 00:12:41 444236 ----a-w- c:\windows\system32\perfh009.dat
2010-01-06 00:12:41 441160 ----a-w- c:\windows\system32\perfh005.dat
2010-01-06 00:12:40 1054510 ----a-w- c:\windows\system32\PerfStringBackup.INI
2009-12-29 22:05:00 8250 ----a-w- c:\windows\inf\oem33.PNF
2009-12-29 22:04:55 1673448 ----a-w- c:\windows\inf\INFCACHE.1
2009-12-29 22:04:52 47714 ----a-w- c:\windows\inf\oem40.PNF
2009-12-29 22:04:17 9632 ----a-w- c:\windows\inf\oem39.PNF
2009-12-29 22:04:16 7562 ----a-w- c:\windows\inf\oem38.PNF
2009-12-29 22:04:15 7530 ----a-w- c:\windows\inf\oem37.PNF
2009-12-29 22:04:14 7858 ----a-w- c:\windows\inf\oem36.PNF
2009-12-29 22:04:12 9346 ----a-w- c:\windows\inf\oem35.PNF
2009-12-29 22:04:11 13178 ----a-w- c:\windows\inf\oem34.PNF
2009-12-29 22:04:09 7858 ----a-w- c:\windows\inf\oem32.PNF
2009-12-29 21:32:59 9852 ----a-w- c:\windows\inf\netamd.PNF
2009-12-29 21:31:59 71236 ----a-w- c:\windows\inf\mdmrock4.PNF
2009-12-16 18:15:07 101 ----a-w- c:\docume~1\user\dataap~1\AVSDVDPlayer.m3u
2009-12-13 12:25:36 4676 ----a-w- c:\windows\inf\branches.PNF
2009-12-01 20:06:19 25966024 ----a-w- c:\windows\system32\MRT.exe
2009-11-26 13:41:10 4249 ----a-w- c:\windows\ODBCINST.INI
2009-11-24 23:20:21 592968 ----a-w- c:\windows\system32\TZLog.log
2009-11-24 13:40:48 13583 ----a-w- C:\ComboFix.txt
2009-11-24 13:28:26 390144 ----a-w- c:\windows\system32\CF28268.exe
2009-11-11 23:23:04 3417 ----a-w- c:\windows\system32\wbem\Outlook_01ca6325eaf6e30e.mof
2009-11-11 23:21:46 287704 ----a-w- c:\windows\system32\FNTCACHE.DAT
2009-10-29 07:43:54 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:43:54 1208832 ----a-w- c:\windows\system32\urlmon.dll
2009-10-29 07:43:53 206848 ----a-w- c:\windows\system32\occache.dll
2009-10-29 07:43:52 5940736 ----a-w- c:\windows\system32\mshtml.dll
2009-10-29 07:43:48 594432 ----a-w- c:\windows\system32\msfeeds.dll
2009-10-29 07:43:48 55296 ----a-w- c:\windows\system32\msfeedsbs.dll
2009-10-29 07:43:48 25600 ----a-w- c:\windows\system32\jsproxy.dll
2009-10-29 07:43:48 1985536 ----a-w- c:\windows\system32\iertutil.dll
2009-10-29 07:43:48 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2009-10-29 07:43:47 184320 ----a-w- c:\windows\system32\iepeers.dll
2009-10-29 07:43:46 11069952 ----a-w- c:\windows\system32\ieframe.dll
2009-10-29 07:43:43 387584 ----a-w- c:\windows\system32\iedkcs32.dll
2009-10-28 15:07:15 46080 ------w- c:\windows\system32\tzchange.exe
2009-10-28 14:40:47 173056 ----a-w- c:\windows\system32\ie4uinit.exe
2009-10-21 05:40:39 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40:39 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-13 13:59:31 54156 ---ha-w- c:\windows\QTFont.qfn
2009-10-13 10:34:22 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40:19 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40:19 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-05 20:43:51 27968 ----a-w- c:\windows\inf\sti.PNF
2009-10-05 20:43:50 10788 ----a-w- c:\windows\inf\ptpusb.PNF
2009-08-06 17:22:18 57552 ----a-w- c:\windows\inf\wuau.adm
2009-07-26 10:05:35 127762 ----a-w- c:\windows\inf\oem23.PNF
2009-07-26 10:05:06 8180 ----a-w- c:\windows\inf\oem22.PNF
2009-07-26 10:05:05 8266 ----a-w- c:\windows\inf\oem21.PNF
2009-07-15 12:06:40 5306 ----a-w- c:\windows\inf\oem19.PNF
2009-07-15 12:06:38 7362 ----a-w- c:\windows\inf\oem18.PNF
2009-06-17 20:44:37 6800 ----a-w- c:\windows\inf\netrndis.PNF
2009-05-30 14:02:35 4440 ----a-w- c:\windows\inf\ieaccess.PNF
2009-05-30 14:01:51 1612 ----a-w- c:\windows\inf\ieaccess.inf
2009-05-29 13:25:56 4684 ----a-w- c:\windows\inf\Erma.PNF
2009-05-14 13:41:04 3421 ----a-w- c:\windows\inf\oem18.inf
2009-03-28 21:56:08 4624 ----a-w- c:\windows\inf\msxpsdrv.PNF
2009-03-28 21:18:40 5512 ----a-w- c:\windows\inf\oem29.PNF
2009-03-28 20:46:58 4860 ----a-w- c:\windows\inf\d3dx9_32_x86.PNF
2009-03-08 12:18:32 2796196 ----a-w- c:\windows\inf\inetres.adm
2009-03-08 12:18:28 13748 ----a-w- c:\windows\inf\iem\0405\inetcorp.iem
2008-09-12 16:28:41 11928 ----a-w- c:\windows\inf\wceusbsh.PNF
2008-07-18 10:46:16 8298 ----a-w- c:\windows\inf\oem24.PNF
2008-06-27 07:53:12 110792 ----a-w- c:\windows\inf\oem20.PNF
2008-06-27 07:37:42 175313 ----a-w- c:\windows\inf\oem20.inf
2008-06-27 07:25:05 62380 ----a-w- c:\windows\inf\font.PNF
2008-06-20 07:17:55 146476 ----a-w- c:\windows\inf\prtupg9x.PNF
2008-06-20 07:13:00 5936 ----a-w- c:\windows\inf\oem16.PNF
2008-06-20 05:43:57 61308 ----a-w- c:\windows\inf\msnetmtg.PNF
2008-06-19 05:33:47 2204 ----a-w- c:\windows\inf\msxpsdrv.inf
2008-06-18 06:58:50 101948 ----a-w- c:\windows\inf\syssetup.PNF
2008-06-18 06:44:12 41076 ----a-w- c:\windows\inf\sceregvl.PNF
2008-06-18 06:44:05 36124 ----a-w- c:\windows\inf\msoe50.PNF
2008-06-18 06:43:36 3704 ----a-w- c:\windows\inf\netfw.PNF
2008-06-18 06:31:06 6900 ----a-w- c:\windows\inf\hdaudbus.PNF
2008-06-18 06:31:02 10964 ----a-w- c:\windows\inf\sdbus.PNF
2008-06-18 06:31:01 222468 ----a-w- c:\windows\inf\drvindex.PNF
2008-06-18 06:31:01 1056884 ----a-w- c:\windows\inf\LAYOUT.PNF
2008-06-18 06:31:00 25924 ----a-w- c:\windows\inf\bth.PNF
2008-05-27 16:45:48 118040 ----a-w- c:\windows\inf\oem14.PNF
2008-05-27 16:45:19 5900 ----a-w- c:\windows\inf\GEARAspiWDM.PNF
2008-04-14 08:49:42 411768 ----a-w- c:\windows\inf\layout.inf
2008-04-14 07:16:02 239806 ----a-w- c:\windows\inf\tsoc.inf
2008-04-14 07:16:00 858162 ----a-w- c:\windows\inf\iis.inf
2008-04-13 20:15:00 1498978 ----a-w- c:\windows\inf\ntprint.inf
2008-04-13 20:14:26 925108 ----a-w- c:\windows\inf\intl.inf
2008-04-13 20:13:44 67899 ----a-w- c:\windows\inf\drvindex.inf
2008-04-03 03:03:00 143174 ----a-w- c:\windows\inf\oem14.inf
2008-03-28 19:33:26 16034 ----a-w- c:\windows\inf\fp40ext.inf
2008-03-23 13:22:17 82480 ----a-w- c:\windows\inf\oem13.PNF
2008-03-23 13:06:21 101800 ----a-w- c:\windows\inf\oem12.PNF
2008-03-23 12:58:05 8020 ----a-w- c:\windows\inf\wmp11.PNF
2008-03-23 12:58:05 5256 ----a-w- c:\windows\inf\WPDMTPHW.PNF
2008-03-23 12:58:05 12016 ----a-w- c:\windows\inf\wpdmtp.PNF
2008-03-05 16:48:28 7720 ----a-w- c:\windows\inf\oem11.PNF
2008-02-28 21:54:59 5752 ----a-w- c:\windows\inf\iereset.PNF
2008-02-28 21:53:55 5844 ----a-w- c:\windows\inf\multiprt.PNF
2008-02-28 21:53:55 3696 ----a-w- c:\windows\inf\netclass.PNF
2008-02-28 21:53:54 3972 ----a-w- c:\windows\inf\legcydrv.PNF
2008-02-28 21:53:50 3260 ----a-w- c:\windows\inf\SVCPACK.PNF
2008-02-28 15:06:39 3988 ----a-w- c:\windows\inf\wmsetsdk.PNF
2008-02-28 15:04:28 44964 ----a-w- c:\windows\inf\printupg.PNF
2008-02-28 14:57:12 10524 ----a-w- c:\windows\inf\WPD10.PNF
2008-02-28 14:57:09 22146 ----a-w- c:\windows\inf\WMDM10.PNF
2008-02-28 14:56:59 10744 ----a-w- c:\windows\inf\WMFSDK10.PNF
2008-02-28 14:56:57 13082 ----a-w- c:\windows\inf\codecs10.PNF
2008-02-28 14:56:55 6770 ----a-w- c:\windows\inf\DRM10.PNF
2008-02-28 14:56:52 6178 ----a-w- c:\windows\inf\MPPRE10.PNF
2008-02-28 14:56:34 4858 ----a-w- c:\windows\inf\d3dx9_30_x86.PNF
2008-02-28 14:56:33 4858 ----a-w- c:\windows\inf\d3dx9_28_x86.PNF
2008-02-28 14:52:55 108468 ----a-w- c:\windows\inf\monitor.PNF
2008-02-28 14:36:43 8240 ----a-w- c:\windows\inf\oem9.PNF
2008-02-28 14:35:58 204844 ----a-w- c:\windows\inf\oem8.PNF
2008-02-28 14:35:58 10038 ----a-w- c:\windows\inf\oem7.PNF
2008-02-28 14:35:29 16764 ----a-w- c:\windows\inf\oem6.PNF
2008-02-28 14:32:23 20252 ----a-w- c:\windows\inf\bda.PNF
2008-02-28 14:32:16 9668 ----a-w- c:\windows\inf\ccdecode.PNF
2008-02-28 14:32:14 110688 ----a-w- c:\windows\inf\oem5.PNF
2008-02-28 14:32:00 8760 ----a-w- c:\windows\inf\dshowext.PNF
2008-02-28 14:30:03 11836 ----a-w- c:\windows\inf\modemcsa.PNF
2008-02-28 14:29:45 96460 ----a-w- c:\windows\inf\oem4.PNF
2008-02-28 14:28:57 240164 ----a-w- c:\windows\inf\oem3.PNF
2008-02-28 14:28:52 45016 ----a-w- c:\windows\inf\wdmaudio.PNF
2008-02-28 14:28:11 279152 ----a-w- c:\windows\inf\oem2.PNF
2008-02-28 14:27:28 41404 ----a-w- c:\windows\inf\hdaudio.PNF
2008-02-28 14:18:59 72408 ----a-w- c:\windows\inf\oem1.PNF
2008-02-28 14:18:58 39292 ----a-w- c:\windows\inf\msdv.PNF
2008-02-28 14:17:11 5960 ----a-w- c:\windows\inf\oem0.PNF
2008-02-28 14:16:11 7800 ----a-w- c:\windows\inf\certclas.PNF
2008-02-28 14:16:11 11836 ----a-w- c:\windows\inf\hal.PNF
2008-02-28 14:13:42 21368 ----a-w- c:\windows\inf\wab50.PNF
2008-02-28 14:13:41 87736 ----a-w- c:\windows\inf\msmsgs.PNF
2008-02-28 14:13:37 16784 ----a-w- c:\windows\inf\wordpad.PNF
2008-02-18 10:16:24 2488 ----a-w- c:\windows\inf\oem11.inf
2007-11-21 16:45:46 2222 ----a-r- c:\windows\inf\oem24.inf
2007-10-15 18:27:40 1803734 ----a-w- c:\windows\inf\system.adm
2007-10-04 08:12:30 39158 ------w- c:\windows\inf\iem\0405\inetset.iem
2007-06-11 14:09:16 26290 ----a-w- c:\windows\inf\oem40.inf
2007-06-06 02:55:00 175313 ----a-r- c:\windows\inf\oem5.inf
2007-05-24 13:15:22 3118 ----a-w- c:\windows\inf\oem33.inf
2007-05-02 11:00:32 84470 ----a-r- c:\windows\inf\oem13.inf
2007-05-02 11:00:32 113687 ----a-r- c:\windows\inf\oem12.inf
2007-04-24 13:57:46 7864 ----a-w- c:\windows\inf\oem39.inf
2007-03-19 05:32:54 53100 ----a-r- c:\windows\inf\oem1.inf
2007-03-14 15:13:20 69570 ----a-w- c:\windows\inf\wmplayer.adm
2007-03-01 17:08:20 2649 ----a-w- c:\windows\inf\oem38.inf
2007-01-27 10:22:40 38142 ----a-w- c:\windows\inf\AER_1048.ADM
2007-01-24 09:13:22 4735 ----a-r- c:\windows\inf\oem9.inf
2007-01-22 10:26:52 6515 ----a-w- c:\windows\inf\oem34.inf
2007-01-18 12:09:10 14384 ----a-w- c:\windows\inf\oem6.inf
2007-01-18 00:58:58 34980 ----a-w- c:\windows\inf\AER_1055.ADM
2007-01-05 20:33:38 2434 ------w- c:\windows\inf\wmp11.inf
2006-12-08 23:12:22 36968 ----a-w- c:\windows\inf\AER_1049.ADM
2006-12-02 07:03:06 36652 ----a-w- c:\windows\inf\AER_1035.ADM
2006-11-30 18:43:00 2924 ----a-w- c:\windows\inf\oem32.inf
2006-11-22 09:28:12 79817 ----a-r- c:\windows\inf\oem4.inf
2006-11-20 17:07:12 2636 ----a-w- c:\windows\inf\oem36.inf
2006-11-15 05:31:34 160198 ----a-w- c:\windows\inf\oem3.inf
2006-11-06 16:04:56 63596 ----a-w- c:\windows\inf\oem23.inf
2006-10-11 09:35:00 3513 ----a-w- c:\windows\inf\oem35.inf
2006-10-03 07:27:00 2961 ----a-w- c:\windows\inf\oem37.inf
2006-09-24 20:30:38 37996 ----a-w- c:\windows\inf\AER_1043.ADM
2006-09-24 20:27:32 34898 ----a-w- c:\windows\inf\AER_1053.ADM
2006-09-13 22:58:36 33980 ----a-w- c:\windows\inf\AER_1054.ADM
2006-09-13 09:31:32 35984 ----a-w- c:\windows\inf\AER_2068.ADM
2006-09-11 16:00:24 8019 ----a-w- c:\windows\inf\wpdmtp.inf
2006-09-01 09:30:22 37634 ----a-w- c:\windows\inf\AER_1027.ADM
2006-08-21 06:11:50 274680 ----a-r- c:\windows\inf\oem2.inf
2006-06-01 02:13:28 374567 ----a-w- c:\windows\inf\oem8.inf
2006-05-30 15:18:10 3293 ----a-w- c:\windows\inf\oem22.inf
2006-05-25 12:34:04 35928 ----a-w- c:\windows\inf\AER_1081.ADM
2006-05-25 12:09:32 4717 ----a-w- c:\windows\inf\oem7.inf
2006-05-04 04:41:52 23312 ----a-w- c:\windows\inf\AER_3076.ADM
2006-04-25 09:09:36 1816 ------w- c:\windows\inf\WPDMTPHW.INF
2006-03-08 07:57:18 3432 ----a-w- c:\windows\inf\oem21.inf
2006-02-15 16:22:08 36736 ----a-w- c:\windows\inf\AER_2074.ADM
2006-02-09 15:34:02 36456 ----a-w- c:\windows\inf\AER_1058.ADM
2006-02-09 08:33:22 37104 ----a-w- c:\windows\inf\AER_1063.ADM
2006-02-09 02:46:46 37316 ----a-w- c:\windows\inf\AER_1026.ADM
2006-02-08 05:39:16 35884 ----a-w- c:\windows\inf\AER_1062.ADM
2006-02-02 03:02:56 35922 ----a-w- c:\windows\inf\AER_1061.ADM
2006-02-01 21:15:26 36702 ----a-w- c:\windows\inf\AER_1050.ADM
2006-01-30 17:05:52 31654 ----a-w- c:\windows\inf\AER_1037.ADM
2006-01-26 06:35:12 36188 ----a-w- c:\windows\inf\AER_1060.ADM
2006-01-25 19:50:34 36366 ----a-w- c:\windows\inf\AER_1051.ADM
2005-10-12 11:28:48 39376 ----a-w- c:\windows\inf\AER_1032.ADM
2005-09-14 18:14:20 36256 ----a-w- c:\windows\inf\AER_1038.ADM
2005-09-14 07:34:06 37184 ----a-w- c:\windows\inf\AER_2070.ADM
2005-08-17 08:00:04 35566 ----a-w- c:\windows\inf\AER_1044.ADM
2005-07-15 09:12:54 37028 ----a-w- c:\windows\inf\AER_1045.ADM
2005-06-29 11:20:08 36986 ----a-w- c:\windows\inf\AER_1030.ADM
2005-06-22 12:13:24 37516 ----a-w- c:\windows\inf\AER_1046.ADM
2005-01-07 16:09:30 52614 ----a-w- c:\windows\inf\hdaudio.inf
2004-09-14 03:09:34 33672 ----a-w- c:\windows\inf\AER_1025.ADM
2004-08-11 00:45:06 3954 ----a-w- c:\windows\inf\wpd10.inf
2004-08-11 00:45:04 4668 ----a-w- c:\windows\inf\WMFSDK10.inf
2004-08-11 00:45:04 4395 ----a-w- c:\windows\inf\codecs10.inf
2004-08-11 00:45:04 1911 ----a-w- c:\windows\inf\DRM10.inf
2004-08-11 00:45:04 16724 ----a-w- c:\windows\inf\WMDM10.inf
2003-07-18 13:44:18 36782 ----a-w- c:\windows\inf\AER_1029.ADM
2003-07-18 13:42:28 39132 ----a-w- c:\windows\inf\AER_1040.ADM
2003-07-18 13:37:32 38066 ----a-w- c:\windows\inf\AER_3082.ADM
2003-07-12 01:55:58 23748 ----a-w- c:\windows\inf\AER_2052.ADM
2003-07-12 01:52:10 26616 ----a-w- c:\windows\inf\AER_1042.ADM
2003-07-12 01:48:02 23282 ----a-w- c:\windows\inf\AER_1028.ADM
2003-07-12 01:43:56 26292 ----a-w- c:\windows\inf\AER_1041.ADM
2003-07-12 01:40:04 39516 ----a-w- c:\windows\inf\AER_1031.ADM
2003-01-13 16:11:20 39366 ----a-w- c:\windows\inf\AER_1036.ADM
2002-10-10 07:44:12 34066 ----a-w- c:\windows\inf\AER_1033.ADM
2009-03-29 13:59:17 20992 --sha-w- c:\windows\Thumbs.db
2007-10-29 12:00:00 48680 --sh--w- c:\windows\winnt.bmp
2007-10-29 12:00:00 48680 --sh--w- c:\windows\winnt256.bmp
2008-02-28 14:20:20 227 --sha-r- c:\windows\assembly\Desktop.ini
2007-10-29 12:00:00 2855648 --sh--r- c:\windows\pchealth\helpctr\packagestore\instance_Professional_32_1029.cab
2008-02-28 14:07:53 783 --sh--r- c:\windows\pchealth\helpctr\packagestore\package_1.cab
2008-02-28 14:07:53 20362 --sh--r- c:\windows\pchealth\helpctr\packagestore\package_2.cab
2008-02-28 14:07:53 246649 --sh--r- c:\windows\pchealth\helpctr\packagestore\package_3.cab
2007-10-29 12:00:00 7068 --sh--r- c:\windows\pchealth\helpctr\packagestore\package_4.cab
2007-10-29 12:00:00 339653 --sh--r- c:\windows\pchealth\helpctr\packagestore\package_5.cab
2008-06-18 06:29:08 354884 --sh--r- c:\windows\pchealth\helpctr\packagestore\package_6.cab
2009-03-29 13:56:53 5120 --sha-w- c:\windows\shellnew\Thumbs.db
2009-03-29 13:56:54 5120 --sha-w- c:\windows\system32\Thumbs.db
2008-02-28 21:53:50 62 --sha-w- c:\windows\system32\config\systemprofile\data aplikací\desktop.ini
2008-02-28 21:53:50 62 --sha-w- c:\windows\system32\config\systemprofile\local settings\desktop.ini
2008-02-28 14:11:58 113 --sh--w- c:\windows\system32\config\systemprofile\local settings\history\desktop.ini
2008-02-28 14:11:58 113 --sh--w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\desktop.ini
2008-06-18 11:56:55 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008061820080619\index(1).dat
2008-06-18 06:42:51 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008061820080619\index.dat
2008-02-28 14:11:58 67 --sh--w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\desktop.ini
2008-02-28 14:11:58 67 --sh--w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\desktop.ini
2008-02-28 14:11:58 67 --sh--w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\il0s2gvy\desktop.ini
2008-02-28 14:11:58 67 --sh--w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\oz0uoa8o\desktop.ini
2008-02-28 14:11:58 67 --sh--w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\y54slyb1\desktop.ini
2008-02-28 14:11:58 67 --sh--w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\yuh1pax8\desktop.ini
2008-02-28 21:53:50 62 --sha-w- c:\windows\system32\config\systemprofile\nabídka start\desktop.ini
2008-02-28 14:08:38 145 --sha-w- c:\windows\system32\config\systemprofile\nabídka start\programy\desktop.ini
2008-02-28 14:08:38 84 --sha-w- c:\windows\system32\config\systemprofile\nabídka start\programy\po spuštění\desktop.ini
2008-02-28 14:08:38 521 --sha-w- c:\windows\system32\config\systemprofile\nabídka start\programy\příslušenství\desktop.ini
2008-02-28 14:08:38 293 --sha-w- c:\windows\system32\config\systemprofile\nabídka start\programy\příslušenství\usnadnění\desktop.ini
2008-02-28 14:08:38 84 --sha-w- c:\windows\system32\config\systemprofile\nabídka start\programy\příslušenství\zábava\desktop.ini
2008-02-28 14:07:38 188 --sha-w- c:\windows\system32\config\systemprofile\sendto\desktop.ini
2006-12-28 22:31:32 19569 --sh--r- c:\windows\system32\restore\filelist.xml
2009-03-29 13:56:54 7168 --sha-w- c:\windows\web\Thumbs.db

============= FINISH: 17:01:17,73 ===============

Karel ZYKMUND
Visitor
Posts: 92
Registered: 23 Feb 2008 16:47

Re: viruses spread via a flash drive

#44 Post by Karel ZYKMUND »

Hi, the roads are awful, but it's probably the same where you are :-)

The PC is still behaving suspiciously: when I closed the notebook just now, it did not switch to power-saving mode, and sometimes it stays on the whole time with only the screen turned off, and then when I touch the keyboard to wake it up for work, it shuts down at that very moment.

ComboFix 10-01-04.01 - User 08.01.2010 23:23:58.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1397 [GMT 1:00]
Spuštěný z: c:\documents and settings\User\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-08 do 2010-01-08 )))))))))))))))))))))))))))))))
.

2010-01-08 12:18 . 2010-01-08 12:18 -------- d-----w- c:\program files\Common Files\Skype
2009-12-29 22:10 . 2008-04-14 07:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-12-29 22:04 . 2007-06-11 13:25 41856 ----a-w- c:\windows\system32\drivers\tosrfusb.sys
2009-12-29 22:04 . 2007-04-24 12:20 113920 ----a-w- c:\windows\system32\drivers\tosrfbd.sys
2009-12-29 22:04 . 2007-03-01 15:53 73728 ----a-w- c:\windows\system32\drivers\Tosrfhid.sys
2009-12-29 22:04 . 2005-07-11 17:58 3712 ----a-w- c:\windows\system32\drivers\Toshidpt.sys
2009-12-29 22:04 . 2006-11-20 16:55 36480 ----a-w- c:\windows\system32\drivers\tosrfbnp.sys
2009-12-29 22:04 . 2005-01-06 12:42 18612 ----a-w- c:\windows\system32\drivers\tosrfnds.sys
2009-12-29 22:04 . 2007-01-22 09:43 53376 ----a-w- c:\windows\system32\drivers\TosRfSnd.sys
2009-12-29 22:04 . 2007-05-24 13:27 64000 ----a-w- c:\windows\system32\drivers\tosrfcom.sys
2009-12-29 22:04 . 2006-10-10 18:33 41600 ----a-w- c:\windows\system32\drivers\tosporte.sys
2009-12-29 22:03 . 2009-12-29 22:03 -------- d-----w- c:\program files\Toshiba
2009-12-15 17:20 . 2008-04-13 23:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-08 12:18 . 2008-03-04 21:46 -------- d-----r- c:\program files\Skype
2010-01-06 00:12 . 2007-10-29 12:00 84378 ----a-w- c:\windows\system32\perfc005.dat
2010-01-06 00:12 . 2007-10-29 12:00 441160 ----a-w- c:\windows\system32\perfh005.dat
2009-12-10 08:05 . 2008-06-19 09:17 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-11-25 22:39 . 2009-11-25 22:39 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-11-24 13:28 . 2009-11-24 13:28 390144 ----a-w- c:\windows\system32\CF28268.exe
2009-11-18 13:25 . 2009-11-12 20:31 -------- d-----w- c:\program files\TeamViewer
2009-11-13 14:26 . 2008-06-19 09:19 -------- d-----w- c:\program files\totalcmd
2009-11-12 21:19 . 2008-03-04 21:47 -------- d-----w- c:\program files\Google
2009-10-29 07:43 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2007-10-29 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2007-10-29 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2007-10-29 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2007-10-29 12:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2007-10-29 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2007-10-29 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-06-18 11:56 . 2008-06-18 11:57 32768 --sha-w- c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008061820080619\index(1).dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2006-10-01 139322]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-09 2356088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-02-28 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-02-28 33136]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Karel Zikmund\Nabídka Start\Programy\Po spuštění\
CCC.lnk - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-9-29 49152]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Acer\\ProjectorGateway\\AcerProjectorGateway.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [28.3.2009 22:18 55152]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [28.2.2008 15:32 24576]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27.8.2009 16:05 92008]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [28.2.2008 15:32 1260672]
S2 gupdate1c993b08a607838;Služba Google Update (gupdate1c993b08a607838);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2009 00:11 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [28.2.2008 15:14 5824]
S3 fsssvc;Windows Live Zabezpečení rodiny;c:\program files\Windows Live\Family Safety\fsssvc.exe [6.2.2009 18:08 533360]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-01-08 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-05-20 17:17]

2010-01-05 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]

2010-01-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 14:46]

2010-01-08 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:11]

2010-01-08 c:\windows\Tasks\User_Feed_Synchronization-{3607E8A8-277C-41D2-98FA-C4010CC5ACF3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyOverride = <local>;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 23:27
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1072)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-08 23:29:26
ComboFix-quarantined-files.txt 2010-01-08 22:29
ComboFix2.txt 2009-11-24 13:40

Před spuštěním: 555.749.376
Po spuštění: 545.550.336

- - End Of File - - 38675CFD51872A76CBFC013130217967

Karel ZYKMUND
Visitor
Posts: 92
Registered: 23 Feb 2008 16:47

Re: viruses spread via a flash drive

#45 Post by Karel ZYKMUND »

Hi, Toshiba got installed in connection with the Bluetooth manager. It was causing similar trouble before that too, and since yesterday I have also noticed problems with Internet Explorer: sometimes a page does not load, as if I were not online, and sometimes it freezes right after opening and does not even load the home page. It is starting to act up in various ways.

Have a nice evening over in the Kyjov area :-)
