VIRY.CZ

Ted tam je v modrem okně napsáno připojuji se k http://download.microsoft.com a je tam 100% a zatim nic nedělá

No, pokud se pořád nic neděje (dejte tomu 5minut), tak dejte nový RSIT log. Třeba jeden z nástrojů zabral a havěť smazal.

Tak hotovo.. Combofix trval hodinu... mám log..

ComboFix 10-02-18.03 - Lukáš 18.02.2010 20:44:39.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.772 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lukáš\Plocha\mrcha.com.exe
AV: avast! antivirus 4.8.1368 [VPS 100216-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
PEV Error: PersonalFile

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 17:12 . 2010-02-18 17:12 -------- d-----w- C:\_OTM
2010-02-17 10:25 . 2008-04-13 18:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-02-17 10:25 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-02-17 10:22 . 2001-08-17 19:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-02-17 10:22 . 2001-08-17 19:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2010-02-17 10:20 . 2008-04-13 18:45 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2010-02-17 10:20 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-02-17 10:20 . 2008-04-13 18:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-17 10:20 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-17 10:15 . 2010-02-17 10:15 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2010-02-17 10:14 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-17 10:14 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-16 21:34 . 2010-02-16 21:34 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-09 12:04 . 2010-02-09 12:04 -------- d-----w- c:\windows\nview
2010-02-09 12:04 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-09 11:25 . 2010-02-09 11:25 -------- d-----w- c:\program files\Ubisoft
2010-02-08 19:24 . 2010-02-08 19:24 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-07 20:05 . 2010-02-07 20:05 -------- d-----w- c:\program files\NeroInstall.bak
2010-02-07 19:59 . 2010-02-07 20:02 -------- d-----w- c:\program files\Common Files\Nero
2010-02-07 19:22 . 2010-02-07 19:22 -------- d-----w- c:\program files\Ask.com
2010-02-07 19:22 . 2010-02-07 19:22 -------- d-----w- c:\program files\uTorrent
2010-02-07 18:39 . 2010-02-07 18:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-07 12:21 . 2010-02-15 18:16 -------- d-----w- c:\program files\The Hell in Vietnam
2010-02-07 12:19 . 2010-02-07 12:20 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-02-07 12:19 . 2010-02-07 12:20 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-07 09:24 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-07 09:24 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-06 20:14 . 2010-02-06 20:15 -------- d-----w- c:\program files\trend micro
2010-02-06 20:14 . 2010-02-06 20:15 -------- d-----w- C:\rsit
2010-02-06 12:54 . 2010-02-06 12:54 -------- d-----w- c:\windows\system32\oodag
2010-02-06 12:41 . 2010-02-06 12:41 -------- d-----w- c:\program files\OO Software
2010-02-05 14:46 . 2010-02-05 16:10 -------- d-----w- c:\windows\Globalization
2010-02-05 14:40 . 2008-04-13 18:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-02-05 14:40 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-02-05 14:34 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-02-05 14:32 . 2010-02-05 14:32 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-05 14:31 . 2010-02-05 16:10 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-05 14:31 . 2010-02-05 14:31 -------- d-----w- c:\program files\DIFX
2010-02-05 14:31 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-05 14:31 . 2010-02-05 14:31 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-05 14:31 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-05 14:30 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-05 14:30 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-05 14:30 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-05 14:30 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-05 14:30 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-05 14:30 . 2009-10-06 10:52 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-02-05 14:30 . 2010-02-05 16:10 -------- d-----w- c:\program files\Nokia
2010-01-30 10:50 . 2010-01-30 10:50 -------- d-sh--w- c:\windows\ftpcache
2010-01-29 20:29 . 2010-01-29 19:24 15688 ----a-w- c:\windows\system32\lsdelete.exe
2010-01-29 19:24 . 2010-01-29 19:23 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-01-29 13:59 . 1998-11-13 11:58 307200 ----a-w- c:\windows\IsUn0405.exe
2010-01-27 21:15 . 2010-01-27 21:15 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-01-26 18:36 . 2010-01-26 18:36 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-26 18:35 . 2010-01-26 18:36 -------- d-----w- c:\program files\QIP
2010-01-25 17:21 . 2010-01-25 17:21 -------- d-----w- c:\program files\Archiving
2010-01-24 15:17 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2010-01-24 12:04 . 2010-01-24 12:05 -------- d-----w- c:\program files\VDOWNLOADER
2010-01-24 12:04 . 2010-01-24 12:04 -------- d-----w- c:\program files\Common Files\eBay
2010-01-23 21:23 . 2010-02-05 19:07 -------- d-----w- c:\program files\DivX
2010-01-22 16:14 . 2010-01-22 16:14 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-01-21 23:04 . 2006-12-08 11:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 19:59 . 2010-01-05 19:43 -------- d-----w- c:\program files\Nero
2010-02-07 09:35 . 2010-01-17 19:56 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 09:02 . 2010-01-02 11:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-06 19:54 . 2004-08-18 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-02-06 19:54 . 2004-08-18 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-02-06 19:43 . 2010-01-15 20:57 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-02-06 17:49 . 2010-01-17 14:37 -------- d-----w- c:\program files\Skype
2010-02-05 19:09 . 2010-01-17 14:33 -------- d-----w- c:\program files\IrfanView
2010-02-05 14:42 . 2010-02-05 14:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-05 14:42 . 2010-02-05 14:42 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-05 14:34 . 2010-02-05 14:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-02-05 14:34 . 2010-02-05 14:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-25 18:37 . 2010-01-17 18:55 -------- d-----w- c:\program files\Lavasoft
2010-01-24 12:52 . 2010-01-10 09:59 -------- d-----w- c:\program files\Ashampoo
2010-01-23 21:24 . 2010-01-23 21:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-23 19:25 . 2010-01-02 11:43 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\Common Files\ACTIV Software
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\ACTIV Software
2010-01-17 20:59 . 2010-01-17 20:59 -------- d-----w- c:\program files\Opera
2010-01-17 14:38 . 2010-01-17 14:38 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-17 14:37 . 2010-01-17 14:37 -------- d-----w- c:\program files\Common Files\Skype
2010-01-15 23:05 . 2010-01-15 23:05 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-15 20:11 . 2010-01-05 19:43 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-14 19:00 . 2010-01-14 19:00 -------- d-----w- c:\program files\Webteh
2010-01-14 18:28 . 2010-01-14 18:28 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-01-14 18:27 . 2010-01-14 18:28 737280 ----a-w- c:\windows\iun6002.exe
2010-01-12 15:46 . 2010-01-12 15:46 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-11 22:46 . 2010-01-11 21:19 126984 ----a-w- c:\windows\hpoins11.dat
2010-01-11 22:45 . 2010-01-11 21:00 -------- d-----w- c:\program files\HP
2010-01-11 22:44 . 2010-01-11 22:43 -------- d-----w- c:\program files\Common Files\HP
2010-01-11 22:42 . 2010-01-11 22:41 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-11 22:41 . 2010-01-11 22:41 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-01-11 18:54 . 2010-01-11 18:54 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-01-11 18:54 . 2010-01-11 18:54 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-11 18:51 . 2010-01-11 18:51 -------- d-----w- c:\program files\Common Files\LogiShared
2010-01-11 18:51 . 2010-01-11 18:51 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2010-01-11 18:51 . 2010-01-11 18:49 -------- d-----w- c:\program files\Logitech
2010-01-11 18:49 . 2010-01-11 18:49 -------- d-----w- c:\program files\Common Files\Logitech
2010-01-10 11:21 . 2010-01-02 11:14 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-10 11:21 . 2010-01-02 11:14 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-10 11:15 . 2010-01-02 11:14 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-10 10:06 . 2010-01-10 10:06 -------- d-----w- c:\program files\MSBuild
2010-01-10 10:06 . 2010-01-10 10:06 -------- d-----w- c:\program files\Reference Assemblies
2010-01-10 09:59 . 2010-01-10 09:59 -------- d-----w- c:\program files\MSXML 6.0
2010-01-05 19:24 . 2010-01-05 19:24 0 ----a-w- c:\windows\nsreg.dat
2010-01-05 19:18 . 2010-01-05 19:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-05 18:55 . 2010-01-05 18:55 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-05 18:53 . 2010-01-02 12:43 -------- d-----w- c:\program files\ATI Technologies
2010-01-05 17:42 . 2010-01-05 17:42 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-02 12:44 . 2010-01-02 12:44 -------- d-----w- c:\program files\Microsoft.NET
2010-01-02 12:33 . 2010-01-02 12:33 -------- d-----w- c:\program files\Alwil Software
2010-01-02 11:52 . 2010-01-02 11:52 -------- d-----w- c:\program files\C-Media 3D Audio
2010-01-02 11:15 . 2010-01-02 11:15 -------- d-----w- c:\program files\microsoft frontpage
2010-01-02 11:11 . 2010-01-02 11:11 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 23:14 . 2010-01-15 20:58 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-17 23:08 . 2010-01-15 20:58 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-17 07:42 . 2010-01-02 11:10 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-18 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2010-01-02 12:33 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2010-01-02 12:33 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2010-01-02 12:33 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:49 . 2010-01-02 12:33 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2010-01-02 12:33 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2010-01-02 12:33 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2010-01-02 12:33 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\program files\Internet Explorer\qipsearchbar.dll" [2009-07-09 150768]

[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-07-09 11:08 150768 ----a-w- c:\program files\Internet Explorer\qipsearchbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-09-02 13:56 1175944 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-09-02 1175944]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-02-07 319280]
"Google Update"="c:\documents and settings\Lukáš\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-08 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Luk ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
netuza32.exe [2008-4-14 23040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" -autorun
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"OODefragTray"=c:\program files\OO Software\Defrag\oodtray.exe
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\Lukáš\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [29.1.2010 20:24 64160]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7.2.2010 10:24 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.2.2010 10:24 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 22:34 1028432]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.1.2010 0:05 691696]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 0:12 1044808]
S3 AXSDCE;AXSDCE;c:\docume~1\LUK~1\LOCALS~1\Temp\AXSDCE.exe --> c:\docume~1\LUK~1\LOCALS~1\Temp\AXSDCE.exe [?]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [10.1.2010 10:59 410976]
S3 TZ;TZ;c:\docume~1\LUK~1\LOCALS~1\Temp\TZ.exe --> c:\docume~1\LUK~1\LOCALS~1\Temp\TZ.exe [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-02-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 19:23]

2010-02-18 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]

2010-02-18 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-09-02 13:56]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\3xjtvnaf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL -
FF - component: c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\3xjtvnaf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 21:11
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="2393EDEB511EA7437DCF9F432A25F7EB62915FE5CB9548B316362153AA458772A7C2301275E5664B177EE80A814413F088D57B3547580EB60299C5956AA383FDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D5D575E7D6A3B9808FEBC9E127BECC74C75227F98638672422BFB6C201944D6251995E9DC183F4016143D36093EAF181E36744E38B102FC31ABA2C353EB37A3167C2522E0D612C315739D6626F21D98818F27049196F36D0D88C4FB7736EB3B6ADDAC869EBB7C5C437A63C51C7907C47A69A10A019BE2D247140CB156B63DAF10993F04EAE2CD3D28AEA431ECE6D30FCD8F1E52566D67030183F9842FD59A56A8EE418B138BE85A05F6CB8B11F17A2F77332ACED7DB2F94136E6119B29B84C685FDE9935417C5EEC79D153D757686A02468AB773EDDFA640955E81987B714DF324FC794E28D6EFA985313AFF8F59921372756C8378B219322970F3148FA70426ACB3B8D659903BC4FAB2CD07113E635474CB64261228984D179211181DB58D11DC177FE778936BE791C9994A416B7231F19AA66D581325F4027C5ED367320B8F0E407EFA5D1D0C7D9016971506AE6F6BC30E43D99AEAB9248AC71805C80AC643DCAC668F587ACE6E41A7CE0A32067FE529AEDD32C531D4BF87BF185DD64F7068FEDE6775FE5B86FC58B8A62C36B3ACE48461EB87DBCBD809668E5BD1925111227ACEB2FCACDF976D65B1BF94624793E3701A5FE725ADC68192EC2ECDF6C1A42F8C9AE23983F0656ACF50DAB39C5D1E6ED81873F654259FE2BE84E5C788949932DEADC6E1B63092D0C2911841DF18128EF5E1994222CA906AD9AA5D81C6CE7C6A11B762E190341DCECAAAF91E4E95FA6F295071F69F6D701B2A83833F8AB5562E548CE054F8F048CFE90BF657896D148E1864E03F1210037815C4A3FB182842E3F4591186C9AB6A422567097B385D5B85BF4436663D1D4369664F1D65C4C7AB6A4C9BA0F91D956556DDA4343E7E3FBE6318B8B76DA5099CCA14F9DD5028DD0CEC36D999A57AAEF1029628E85D7086807E9D4A261698A299085940B1D2269B80BFDB0D3EAC88AA70AD294FB82BBE8D28EC042D75C94116FD7590E4E10ACACF044E674E236649CB5BE1CFB875F3F2187B82427CB9E5598EF406A7850998AC35318450192359DA7646BEB0805480472688536BCF6E298F93D29B673CA2513C047E7987E83A6DA969492D90E996A9DC0E7B8CE9FA3E83F328238F187CF2316D94BD78F7D2C4B777837F935423F7992920ED7F64F71F41EE1FC53059CC109D4E773518F6F5369C201D42CFDC1C32C6094F82F6D30514F7ECEFCA7897E58CE06E96502B0AA17CA7F0508F66A0C48BCF517574E248B8C429D62E826CF6120715201D95B40"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(968)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2176)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-02-18 21:28:35
ComboFix-quarantined-files.txt 2010-02-18 20:28

Před spuštěním: Volných bajtů: 24 166 952 960
Po spuštění: Volných bajtů: 24 161 366 016

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - B7D5E6642A3002037708BF9F7A7CAC6D

Výborně.

Další krok - nejdříve čtěte pokyny, pak konejte!
Opět nechte celý ComboFix proběhnout a nic jiného při tom nedělejte, nikam neklikejte!

1) Skript do ComboFix-u

Otevřete si Poznámkový blok [Start → Spustit → notepad → Enter].

Do něj vkopírujte následující text:

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"Google Update"=-
[-HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[-HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[-HKEY_CLASSES_ROOT\qipbar.QIPBHO]
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=- 
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

Folder::
C:\Program Files\Ask.com
C:\Program Files\DAEMON Tools Toolbar

Collect:
C:\DOCUME~1\LUK~1\LOCALS~1\Temp\TZ.exe
C:\DOCUME~1\LUK~1\LOCALS~1\Temp\AXSDCE.exe
C:\WINDOWS\system32\fjhdyfhsn.bat
C:\Documents and Settings\Lukáš\Nabídka Start\Programy\Po spuštění\netuza32.exe

File::
C:\Program Files\Internet Explorer\qipsearchbar.dll
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-507921405-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-507921405-839522115-1004UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

Driver::
TZ
AXSDCE

Extra::

FireFox::
FF - prefs.js: keyword.URL - 

Reboot::

Uložte tento soubor na Plochu pod jménem CFScript (koncovka .txt).
Přetáhněte tento soubor nad ComboFix (ve Vašem případě mrcha.com.exe) a pusťte ho.
I tento soubor, i ComboFix musí být na Ploše!
ComboFix se spustí a vykoná příkazy ze skriptu.
Počítač bude pravděpodobně restartován.
Po restartu na Vás vyskočí okno s logem, který mi vkopírujete sem ve formě textu.

A je tam v tom logu už něco vidět teda? Doufám že to pujde odstranit. A chtel bych pár rad na bezpečnost pc před viry..nějaké pořádné
Jinak díky za tvojí trpělivost... je vidět že jsi borec

Tenhle skript právě odstraní veškerou havěť, takže ho proveďte pečlivě.

A díky.

Tak hotovo.. smazaly se nějaké toolbary..daemons, QIP a Ask.com... pc jede v poho...ještě ti napíšu log... smazalo se plno věcí... jsem rád, že se
to vyřešilo.. ještě jednou díky moc a zjistil jsi z čeho to mohlo být? já tam ty toolbary měl už dlouho.. myslíš že se mi přes ně chtěl někdo štourat v pc? (že v nich našel díru?)

Tady je log:

ComboFix 10-02-18.03 - Lukáš 18.02.2010 21:59:55.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.769 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lukáš\Plocha\mrcha.com.exe
Použité ovládací přepínače :: c:\documents and settings\Lukáš\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100216-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\program files\Internet Explorer\qipsearchbar.dll"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-507921405-839522115-1004Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-789336058-507921405-839522115-1004UA.job"
"c:\windows\tasks\Scheduled Update for Ask Toolbar.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\program files\DAEMON Tools Toolbar\DTToolbar.dll
c:\program files\DAEMON Tools Toolbar\Resources\about.ico
c:\program files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
c:\program files\DAEMON Tools Toolbar\Resources\accept.ico
c:\program files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.ico
c:\program files\DAEMON Tools Toolbar\Resources\as.png
c:\program files\DAEMON Tools Toolbar\Resources\astro.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_home.ico
c:\program files\DAEMON Tools Toolbar\Resources\astro_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroburn_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\astroLite_16.ico
c:\program files\DAEMON Tools Toolbar\Resources\az.ico
c:\program files\DAEMON Tools Toolbar\Resources\b1.png
c:\program files\DAEMON Tools Toolbar\Resources\burn_files.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_image.ico
c:\program files\DAEMON Tools Toolbar\Resources\burn_imgs.ico
c:\program files\DAEMON Tools Toolbar\Resources\BurnImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\Config.ico
c:\program files\DAEMON Tools Toolbar\Resources\d.ico
c:\program files\DAEMON Tools Toolbar\Resources\d2.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\daemon_search_site.ico
c:\program files\DAEMON Tools Toolbar\Resources\dot_disabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_enabled.bmp
c:\program files\DAEMON Tools Toolbar\Resources\dot_on_over.bmp
c:\program files\DAEMON Tools Toolbar\Resources\download.ico
c:\program files\DAEMON Tools Toolbar\Resources\ds.ico
c:\program files\DAEMON Tools Toolbar\Resources\dsearch.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt-home.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_about.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_buy.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_download.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_faq.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_line.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_lite.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_manual.ico
c:\program files\DAEMON Tools Toolbar\Resources\dt_pro.ico
c:\program files\DAEMON Tools Toolbar\Resources\DTPro.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt16.ico
c:\program files\DAEMON Tools Toolbar\Resources\dtt32.ico
c:\program files\DAEMON Tools Toolbar\Resources\Dwnl.ico
c:\program files\DAEMON Tools Toolbar\Resources\emulation.ico
c:\program files\DAEMON Tools Toolbar\Resources\favicon.ico
c:\program files\DAEMON Tools Toolbar\Resources\features.ico
c:\program files\DAEMON Tools Toolbar\Resources\feedback.ico
c:\program files\DAEMON Tools Toolbar\Resources\forum.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixCristals.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixDownload.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixPlayOnline.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameCentrixTop.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameS.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\games_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\GameSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\gct16.ico
c:\program files\DAEMON Tools Toolbar\Resources\gd.ico
c:\program files\DAEMON Tools Toolbar\Resources\genre.xml
c:\program files\DAEMON Tools Toolbar\Resources\globe.ico
c:\program files\DAEMON Tools Toolbar\Resources\GrabImage.ico
c:\program files\DAEMON Tools Toolbar\Resources\hb.bmp
c:\program files\DAEMON Tools Toolbar\Resources\hb.ico
c:\program files\DAEMON Tools Toolbar\Resources\help.ico
c:\program files\DAEMON Tools Toolbar\Resources\hide.ico
c:\program files\DAEMON Tools Toolbar\Resources\home.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\image_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageS.ico
c:\program files\DAEMON Tools Toolbar\Resources\ImageSA.ico
c:\program files\DAEMON Tools Toolbar\Resources\ip.ico
c:\program files\DAEMON Tools Toolbar\Resources\lang.xml
c:\program files\DAEMON Tools Toolbar\Resources\lingvo.ico
c:\program files\DAEMON Tools Toolbar\Resources\m.ico
c:\program files\DAEMON Tools Toolbar\Resources\mail.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mail_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
c:\program files\DAEMON Tools Toolbar\Resources\MenuTr.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount.ico
c:\program files\DAEMON Tools Toolbar\Resources\mount_n_drive.ico
c:\program files\DAEMON Tools Toolbar\Resources\next.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\next_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none.bmp
c:\program files\DAEMON Tools Toolbar\Resources\none_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\op.ico
c:\program files\DAEMON Tools Toolbar\Resources\play.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play.ico
c:\program files\DAEMON Tools Toolbar\Resources\play_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\play_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\pragma.ico
c:\program files\DAEMON Tools Toolbar\Resources\prev.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prev_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\prod.ico
c:\program files\DAEMON Tools Toolbar\Resources\Radio.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioBg.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioE.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioG.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioN.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioR.ico
c:\program files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\RadioW.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rbcheck.ico
c:\program files\DAEMON Tools Toolbar\Resources\rbtxt.ico
c:\program files\DAEMON Tools Toolbar\Resources\refresh.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Rss.ico
c:\program files\DAEMON Tools Toolbar\Resources\Rss1.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssA1.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssClose.ico
c:\program files\DAEMON Tools Toolbar\Resources\rssL.bmp
c:\program files\DAEMON Tools Toolbar\Resources\rssOpen.ico
c:\program files\DAEMON Tools Toolbar\Resources\RssRefresh.ico
c:\program files\DAEMON Tools Toolbar\Resources\s2.ico
c:\program files\DAEMON Tools Toolbar\Resources\show.ico
c:\program files\DAEMON Tools Toolbar\Resources\size.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_lr.ico
c:\program files\DAEMON Tools Toolbar\Resources\size_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\size_rl.ico
c:\program files\DAEMON Tools Toolbar\Resources\skins.ico
c:\program files\DAEMON Tools Toolbar\Resources\spt.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop.ico
c:\program files\DAEMON Tools Toolbar\Resources\stop_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\stop_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\style.ico
c:\program files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
c:\program files\DAEMON Tools Toolbar\Resources\timer.ico
c:\program files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
c:\program files\DAEMON Tools Toolbar\Resources\toolbar.xml
c:\program files\DAEMON Tools Toolbar\Resources\trans.ico
c:\program files\DAEMON Tools Toolbar\Resources\Trash.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\u.ico
c:\program files\DAEMON Tools Toolbar\Resources\unmount-all.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol.ico
c:\program files\DAEMON Tools Toolbar\Resources\vol_back.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_mute_check.bmp
c:\program files\DAEMON Tools Toolbar\Resources\vol_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
c:\program files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
c:\program files\DAEMON Tools Toolbar\Resources\web_resources.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search.ico
c:\program files\DAEMON Tools Toolbar\Resources\web_search_SA.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebS.ico
c:\program files\DAEMON Tools Toolbar\Resources\WebSa.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi0.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi1.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi10.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi11.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi12.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi13.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi14.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi2.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi3.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi4.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi5.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi6.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi7.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi8.ico
c:\program files\DAEMON Tools Toolbar\Resources\wi9.ico
c:\program files\DAEMON Tools Toolbar\uninst.exe
c:\program files\Internet Explorer\qipsearchbar.dll
c:\windows\tasks\Scheduled Update for Ask Toolbar.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AXSDCE
-------\Legacy_TZ
-------\Service_AXSDCE
-------\Service_TZ

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 17:12 . 2010-02-18 17:12 -------- d-----w- C:\_OTM
2010-02-17 10:25 . 2008-04-13 18:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-02-17 10:25 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-02-17 10:22 . 2001-08-17 19:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-02-17 10:22 . 2001-08-17 19:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2010-02-17 10:20 . 2008-04-13 18:45 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2010-02-17 10:20 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-02-17 10:20 . 2008-04-13 18:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-17 10:20 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-17 10:15 . 2010-02-17 10:15 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2010-02-17 10:14 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-17 10:14 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-16 21:34 . 2010-02-16 21:34 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-09 12:04 . 2010-02-09 12:04 -------- d-----w- c:\windows\nview
2010-02-09 12:04 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-09 11:25 . 2010-02-09 11:25 -------- d-----w- c:\program files\Ubisoft
2010-02-08 19:24 . 2010-02-08 19:24 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-07 20:05 . 2010-02-07 20:05 -------- d-----w- c:\program files\NeroInstall.bak
2010-02-07 19:59 . 2010-02-07 20:02 -------- d-----w- c:\program files\Common Files\Nero
2010-02-07 19:22 . 2010-02-07 19:22 -------- d-----w- c:\program files\uTorrent
2010-02-07 18:39 . 2010-02-07 18:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-07 12:21 . 2010-02-15 18:16 -------- d-----w- c:\program files\The Hell in Vietnam
2010-02-07 12:19 . 2010-02-07 12:20 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-07 09:24 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-07 09:24 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-06 20:14 . 2010-02-06 20:15 -------- d-----w- c:\program files\trend micro
2010-02-06 20:14 . 2010-02-06 20:15 -------- d-----w- C:\rsit
2010-02-06 12:54 . 2010-02-06 12:54 -------- d-----w- c:\windows\system32\oodag
2010-02-06 12:41 . 2010-02-06 12:41 -------- d-----w- c:\program files\OO Software
2010-02-05 14:46 . 2010-02-05 16:10 -------- d-----w- c:\windows\Globalization
2010-02-05 14:40 . 2008-04-13 18:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-02-05 14:40 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-02-05 14:34 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-02-05 14:32 . 2010-02-05 14:32 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-05 14:31 . 2010-02-05 16:10 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-05 14:31 . 2010-02-05 14:31 -------- d-----w- c:\program files\DIFX
2010-02-05 14:31 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-05 14:31 . 2010-02-05 14:31 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-05 14:31 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-05 14:30 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-05 14:30 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-05 14:30 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-05 14:30 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-05 14:30 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-05 14:30 . 2009-10-06 10:52 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-02-05 14:30 . 2010-02-05 16:10 -------- d-----w- c:\program files\Nokia
2010-01-30 10:50 . 2010-01-30 10:50 -------- d-sh--w- c:\windows\ftpcache
2010-01-29 20:29 . 2010-01-29 19:24 15688 ----a-w- c:\windows\system32\lsdelete.exe
2010-01-29 19:24 . 2010-01-29 19:23 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-01-29 13:59 . 1998-11-13 11:58 307200 ----a-w- c:\windows\IsUn0405.exe
2010-01-27 21:15 . 2010-01-27 21:15 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-01-26 18:36 . 2010-01-26 18:36 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-26 18:35 . 2010-01-26 18:36 -------- d-----w- c:\program files\QIP
2010-01-25 17:21 . 2010-01-25 17:21 -------- d-----w- c:\program files\Archiving
2010-01-24 15:17 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2010-01-24 12:04 . 2010-01-24 12:05 -------- d-----w- c:\program files\VDOWNLOADER
2010-01-24 12:04 . 2010-01-24 12:04 -------- d-----w- c:\program files\Common Files\eBay
2010-01-23 21:23 . 2010-02-05 19:07 -------- d-----w- c:\program files\DivX
2010-01-22 16:14 . 2010-01-22 16:14 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-01-21 23:04 . 2006-12-08 11:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 19:59 . 2010-01-05 19:43 -------- d-----w- c:\program files\Nero
2010-02-07 09:35 . 2010-01-17 19:56 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 09:02 . 2010-01-02 11:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-06 19:54 . 2004-08-18 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-02-06 19:54 . 2004-08-18 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-02-06 19:43 . 2010-01-15 20:57 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-02-06 17:49 . 2010-01-17 14:37 -------- d-----w- c:\program files\Skype
2010-02-05 19:09 . 2010-01-17 14:33 -------- d-----w- c:\program files\IrfanView
2010-02-05 14:42 . 2010-02-05 14:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-05 14:42 . 2010-02-05 14:42 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-05 14:34 . 2010-02-05 14:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-02-05 14:34 . 2010-02-05 14:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-25 18:37 . 2010-01-17 18:55 -------- d-----w- c:\program files\Lavasoft
2010-01-24 12:52 . 2010-01-10 09:59 -------- d-----w- c:\program files\Ashampoo
2010-01-23 21:24 . 2010-01-23 21:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-23 19:25 . 2010-01-02 11:43 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\Common Files\ACTIV Software
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\ACTIV Software
2010-01-17 20:59 . 2010-01-17 20:59 -------- d-----w- c:\program files\Opera
2010-01-17 14:38 . 2010-01-17 14:38 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-17 14:37 . 2010-01-17 14:37 -------- d-----w- c:\program files\Common Files\Skype
2010-01-15 23:05 . 2010-01-15 23:05 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-15 20:11 . 2010-01-05 19:43 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-14 19:00 . 2010-01-14 19:00 -------- d-----w- c:\program files\Webteh
2010-01-14 18:28 . 2010-01-14 18:28 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-01-14 18:27 . 2010-01-14 18:28 737280 ----a-w- c:\windows\iun6002.exe
2010-01-12 15:46 . 2010-01-12 15:46 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-11 22:46 . 2010-01-11 21:19 126984 ----a-w- c:\windows\hpoins11.dat
2010-01-11 22:45 . 2010-01-11 21:00 -------- d-----w- c:\program files\HP
2010-01-11 22:44 . 2010-01-11 22:43 -------- d-----w- c:\program files\Common Files\HP
2010-01-11 22:42 . 2010-01-11 22:41 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-11 22:41 . 2010-01-11 22:41 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-01-11 18:54 . 2010-01-11 18:54 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-01-11 18:54 . 2010-01-11 18:54 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-11 18:51 . 2010-01-11 18:51 -------- d-----w- c:\program files\Common Files\LogiShared
2010-01-11 18:51 . 2010-01-11 18:51 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2010-01-11 18:51 . 2010-01-11 18:49 -------- d-----w- c:\program files\Logitech
2010-01-11 18:49 . 2010-01-11 18:49 -------- d-----w- c:\program files\Common Files\Logitech
2010-01-10 11:21 . 2010-01-02 11:14 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-10 11:21 . 2010-01-02 11:14 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-10 11:15 . 2010-01-02 11:14 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-10 10:06 . 2010-01-10 10:06 -------- d-----w- c:\program files\MSBuild
2010-01-10 10:06 . 2010-01-10 10:06 -------- d-----w- c:\program files\Reference Assemblies
2010-01-10 09:59 . 2010-01-10 09:59 -------- d-----w- c:\program files\MSXML 6.0
2010-01-05 19:24 . 2010-01-05 19:24 0 ----a-w- c:\windows\nsreg.dat
2010-01-05 19:18 . 2010-01-05 19:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-05 18:55 . 2010-01-05 18:55 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-05 18:53 . 2010-01-02 12:43 -------- d-----w- c:\program files\ATI Technologies
2010-01-05 17:42 . 2010-01-05 17:42 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-02 12:44 . 2010-01-02 12:44 -------- d-----w- c:\program files\Microsoft.NET
2010-01-02 12:33 . 2010-01-02 12:33 -------- d-----w- c:\program files\Alwil Software
2010-01-02 11:52 . 2010-01-02 11:52 -------- d-----w- c:\program files\C-Media 3D Audio
2010-01-02 11:15 . 2010-01-02 11:15 -------- d-----w- c:\program files\microsoft frontpage
2010-01-02 11:11 . 2010-01-02 11:11 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 23:14 . 2010-01-15 20:58 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-17 23:08 . 2010-01-15 20:58 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-17 07:42 . 2010-01-02 11:10 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-18 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2010-01-02 12:33 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2010-01-02 12:33 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2010-01-02 12:33 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:49 . 2010-01-02 12:33 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2010-01-02 12:33 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2010-01-02 12:33 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2010-01-02 12:33 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Luk ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
netuza32.exe [2008-4-14 23040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" -autorun
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"OODefragTray"=c:\program files\OO Software\Defrag\oodtray.exe
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Documents and Settings\\Lukáš\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [29.1.2010 20:24 64160]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.1.2010 0:05 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7.2.2010 10:24 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.2.2010 10:24 20560]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 22:34 1028432]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 0:12 1044808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [10.1.2010 10:59 410976]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-02-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 19:23]

2010-02-18 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\3xjtvnaf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL -
FF - component: c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\3xjtvnaf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 22:33
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sppv.sys >>UNKNOWN [0x8974D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf764bf28
\Driver\ACPI -> ACPI.sys @ 0xf74a3cb8
\Driver\atapi -> atapi.sys @ 0xf7849b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: VIA Rhine II Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xba731bb0
PacketIndicateHandler -> NDIS.sys @ 0xba73ea21
SendHandler -> NDIS.sys @ 0xba71c87b
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="2393EDEB511EA7437DCF9F432A25F7EB62915FE5CB9548B316362153AA458772A7C2301275E5664B177EE80A814413F088D57B3547580EB60299C5956AA383FDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D5D575E7D6A3B9808FEBC9E127BECC74C75227F98638672422BFB6C201944D6251995E9DC183F4016143D36093EAF181E36744E38B102FC31ABA2C353EB37A3167C2522E0D612C315739D6626F21D98818F27049196F36D0D88C4FB7736EB3B6ADDAC869EBB7C5C437A63C51C7907C47A69A10A019BE2D247140CB156B63DAF10993F04EAE2CD3D28AEA431ECE6D30FCD8F1E52566D67030183F9842FD59A56A8EE418B138BE85A05F6CB8B11F17A2F77332ACED7DB2F94136E6119B29B84C685FDE9935417C5EEC79D153D757686A02468AB773EDDFA640955E81987B714DF324FC794E28D6EFA985313AFF8F59921372756C8378B219322970F3148FA70426ACB3B8D659903BC4FAB2CD07113E635474CB64261228984D179211181DB58D11DC177FE778936BE791C9994A416B7231F19AA66D581325F4027C5ED367320B8F0E407EFA5D1D0C7D9016971506AE6F6BC30E43D99AEAB9248AC71805C80AC643DCAC668F587ACE6E41A7CE0A32067FE529AEDD32C531D4BF87BF185DD64F7068FEDE6775FE5B86FC58B8A62C36B3ACE48461EB87DBCBD809668E5BD1925111227ACEB2FCACDF976D65B1BF94624793E3701A5FE725ADC68192EC2ECDF6C1A42F8C9AE23983F0656ACF50DAB39C5D1E6ED81873F654259FE2BE84E5C788949932DEADC6E1B63092D0C2911841DF18128EF5E1994222CA906AD9AA5D81C6CE7C6A11B762E190341DCECAAAF91E4E95FA6F295071F69F6D701B2A83833F8AB5562E548CE054F8F048CFE90BF657896D148E1864E03F1210037815C4A3FB182842E3F4591186C9AB6A422567097B385D5B85BF4436663D1D4369664F1D65C4C7AB6A4C9BA0F91D956556DDA4343E7E3FBE6318B8B76DA5099CCA14F9DD5028DD0CEC36D999A57AAEF1029628E85D7086807E9D4A261698A299085940B1D2269B80BFDB0D3EAC88AA70AD294FB82BBE8D28EC042D75C94116FD7590E4E10ACACF044E674E236649CB5BE1CFB875F3F2187B82427CB9E5598EF406A7850998AC35318450192359DA7646BEB0805480472688536BCF6E298F93D29B673CA2513C047E7987E83A6DA969492D90E996A9DC0E7B8CE9FA3E83F328238F187CF2316D94BD78F7D2C4B777837F935423F7992920ED7F64F71F41EE1FC53059CC109D4E773518F6F5369C201D42CFDC1C32C6094F82F6D30514F7ECEFCA7897E58CE06E96502B0AA17CA7F0508F66A0C48BCF517574E248B8C429D62E826CF6120715201D95B40"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(756)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3348)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll
c:\program files\Nero\Nero8\Nero BackItUp\NBShell.dll
c:\program files\WinRAR\rarext.dll
c:\program files\WinRAR\rarlng.dll
c:\progra~1\OO Software\Defrag\oodsh.dll
c:\progra~1\OO Software\Defrag\OODSHRS.DLL
c:\program files\Lavasoft\Ad-Aware\ShellExt.dll
c:\program files\TuneUp Utilities 2010\SDShelEx-win32.dll
c:\program files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll
c:\program files\Common Files\Nero\Shared\NL3\ShellManager3.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
c:\progra~1\Spybot - Search & Destroy\SDHelper.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Alwil Software\Avast4\setup\avast.setup
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\OO Software\Defrag\oodag.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Opera\opera.exe
.
**************************************************************************
.
Celkový čas: 2010-02-18 22:59:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-18 21:59
ComboFix2.txt 2010-02-18 20:28

Před spuštěním: Volných bajtů: 24 172 236 800
Po spuštění: Volných bajtů: 24 042 233 856

- - End Of File - - EB57FA361F0F6E0CC7A005EA083BDD49

Sakra, tak už to zase dělá.... ted chvilku nic a už mám zase ve správcu úloh 100% u host

To je zlý sen...

Koukni se pls do logu, jestli tam ještě něco nezůstalo.

Něco tam zůstalo, protože se to nesmazalo, pokračujeme tedy.

1) Skript do ComboFix-u

Otevřete si Poznámkový blok [Start → Spustit → notepad → Enter].

Do něj vkopírujte následující text:

Kód: Vybrat vše

KillAll::

Collect::
c:\documents and settings\Luk ç\Nabídka Start\Programy\Po spuštění\netuza32.exe
c:\documents and settings\Luk ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\netuza32.exe
C:\WINDOWS\system32\fjhdyfhsn.bat

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Software Update"=-
"KernelFaultCheck"=-

Reboot::

Uložte tento soubor na Plochu pod jménem CFScript (koncovka .txt).
Přetáhněte tento soubor nad ComboFix a pusťte ho.
I tento soubor, i ComboFix musí být na Ploše!
ComboFix se spustí a vykoná příkazy ze skriptu.
Počítač bude pravděpodobně restartován.
Po restartu na Vás vyskočí okno s logem, který mi vkopírujete sem ve formě textu.

a zjistil jsi z čeho to mohlo být? já tam ty toolbary měl už dlouho.. myslíš že se mi přes ně chtěl někdo štourat v pc? (že v nich našel díru?)

Přes ně to nebude, jsem jen zvyklý je odmazávat, pokud chcete, znovu si je nainstalujte.

Tak jak tedy poznáš, že tam je nějaká havěť?

Zde je log

Podívej se jestli tam
jeste neco nezustalo

ComboFix 10-02-18.03 - Lukáš 19.02.2010 0:04.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1279.876 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lukáš\Plocha\mrcha.com.exe
Použité ovládací přepínače :: c:\documents and settings\Lukáš\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100216-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

file zipped: c:\windows\system32\fjhdyfhsn.bat
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\fjhdyfhsn.bat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 17:12 . 2010-02-18 17:12 -------- d-----w- C:\_OTM
2010-02-17 10:25 . 2008-04-13 18:41 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-02-17 10:25 . 2008-04-13 18:41 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-02-17 10:22 . 2001-08-17 19:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-02-17 10:22 . 2001-08-17 19:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2010-02-17 10:20 . 2008-04-13 18:45 52864 -c--a-w- c:\windows\system32\dllcache\dmusic.sys
2010-02-17 10:20 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys
2010-02-17 10:20 . 2008-04-13 18:40 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-17 10:20 . 2008-04-13 18:40 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-17 10:14 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-17 10:14 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-16 21:34 . 2010-02-16 21:34 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-09 12:04 . 2010-02-09 12:04 -------- d-----w- c:\windows\nview
2010-02-09 12:04 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-09 11:25 . 2010-02-09 11:25 -------- d-----w- c:\program files\Ubisoft
2010-02-08 19:24 . 2010-02-08 19:24 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-02-07 20:05 . 2010-02-07 20:05 -------- d-----w- c:\program files\NeroInstall.bak
2010-02-07 19:59 . 2010-02-07 20:02 -------- d-----w- c:\program files\Common Files\Nero
2010-02-07 18:39 . 2010-02-07 18:39 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-02-07 12:21 . 2010-02-15 18:16 -------- d-----w- c:\program files\The Hell in Vietnam
2010-02-07 12:19 . 2010-02-07 12:20 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-07 09:24 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-07 09:24 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-06 20:14 . 2010-02-06 20:15 -------- d-----w- c:\program files\trend micro
2010-02-06 20:14 . 2010-02-06 20:15 -------- d-----w- C:\rsit
2010-02-06 12:54 . 2010-02-06 12:54 -------- d-----w- c:\windows\system32\oodag
2010-02-06 12:41 . 2010-02-06 12:41 -------- d-----w- c:\program files\OO Software
2010-02-05 14:46 . 2010-02-05 16:10 -------- d-----w- c:\windows\Globalization
2010-02-05 14:40 . 2008-04-13 18:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-02-05 14:40 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-02-05 14:34 . 2008-03-21 12:57 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-02-05 14:32 . 2010-02-05 14:32 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-05 14:31 . 2010-02-05 16:10 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-05 14:31 . 2010-02-05 14:31 -------- d-----w- c:\program files\DIFX
2010-02-05 14:31 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-05 14:31 . 2010-02-05 14:31 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-05 14:31 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-05 14:30 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-05 14:30 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-05 14:30 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-05 14:30 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-05 14:30 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-05 14:30 . 2009-10-06 10:52 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-02-05 14:30 . 2010-02-05 16:10 -------- d-----w- c:\program files\Nokia
2010-01-30 10:50 . 2010-01-30 10:50 -------- d-sh--w- c:\windows\ftpcache
2010-01-29 13:59 . 1998-11-13 11:58 307200 ----a-w- c:\windows\IsUn0405.exe
2010-01-27 21:15 . 2010-01-27 21:15 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-01-26 18:36 . 2010-01-26 18:36 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-26 18:35 . 2010-01-26 18:36 -------- d-----w- c:\program files\QIP
2010-01-25 17:21 . 2010-01-25 17:21 -------- d-----w- c:\program files\Archiving
2010-01-24 15:17 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2010-01-24 12:04 . 2010-01-24 12:05 -------- d-----w- c:\program files\VDOWNLOADER
2010-01-24 12:04 . 2010-01-24 12:04 -------- d-----w- c:\program files\Common Files\eBay
2010-01-23 21:23 . 2010-02-05 19:07 -------- d-----w- c:\program files\DivX
2010-01-22 16:14 . 2010-01-22 16:14 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-01-21 23:04 . 2006-12-08 11:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 22:20 . 2010-01-17 18:55 -------- d-----w- c:\program files\Lavasoft
2010-02-07 19:59 . 2010-01-05 19:43 -------- d-----w- c:\program files\Nero
2010-02-07 09:35 . 2010-01-17 19:56 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-02-07 09:02 . 2010-01-02 11:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-06 19:54 . 2004-08-18 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-02-06 19:54 . 2004-08-18 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-02-06 19:43 . 2010-01-15 20:57 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-02-06 17:49 . 2010-01-17 14:37 -------- d-----w- c:\program files\Skype
2010-02-05 19:09 . 2010-01-17 14:33 -------- d-----w- c:\program files\IrfanView
2010-02-05 14:42 . 2010-02-05 14:42 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-05 14:42 . 2010-02-05 14:42 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-05 14:34 . 2010-02-05 14:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-02-05 14:34 . 2010-02-05 14:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-24 12:52 . 2010-01-10 09:59 -------- d-----w- c:\program files\Ashampoo
2010-01-23 21:24 . 2010-01-23 21:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-01-23 19:25 . 2010-01-02 11:43 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\Common Files\ACTIV Software
2010-01-18 19:39 . 2010-01-18 19:39 -------- d-----w- c:\program files\ACTIV Software
2010-01-17 20:59 . 2010-01-17 20:59 -------- d-----w- c:\program files\Opera
2010-01-17 14:38 . 2010-01-17 14:38 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-17 14:37 . 2010-01-17 14:37 -------- d-----w- c:\program files\Common Files\Skype
2010-01-15 23:05 . 2010-01-15 23:05 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-15 20:11 . 2010-01-05 19:43 -------- d-----w- c:\program files\Common Files\Ahead
2010-01-14 19:00 . 2010-01-14 19:00 -------- d-----w- c:\program files\Webteh
2010-01-14 18:28 . 2010-01-14 18:28 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-01-14 18:27 . 2010-01-14 18:28 737280 ----a-w- c:\windows\iun6002.exe
2010-01-12 15:46 . 2010-01-12 15:46 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-01-11 22:46 . 2010-01-11 21:19 126984 ----a-w- c:\windows\hpoins11.dat
2010-01-11 22:45 . 2010-01-11 21:00 -------- d-----w- c:\program files\HP
2010-01-11 22:44 . 2010-01-11 22:43 -------- d-----w- c:\program files\Common Files\HP
2010-01-11 22:42 . 2010-01-11 22:41 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-11 22:41 . 2010-01-11 22:41 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-01-11 18:54 . 2010-01-11 18:54 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2010-01-11 18:54 . 2010-01-11 18:54 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-11 18:51 . 2010-01-11 18:51 -------- d-----w- c:\program files\Common Files\LogiShared
2010-01-11 18:51 . 2010-01-11 18:51 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2010-01-11 18:51 . 2010-01-11 18:49 -------- d-----w- c:\program files\Logitech
2010-01-11 18:49 . 2010-01-11 18:49 -------- d-----w- c:\program files\Common Files\Logitech
2010-01-10 11:21 . 2010-01-02 11:14 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-10 11:21 . 2010-01-02 11:14 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-10 11:15 . 2010-01-02 11:14 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-10 10:06 . 2010-01-10 10:06 -------- d-----w- c:\program files\MSBuild
2010-01-10 10:06 . 2010-01-10 10:06 -------- d-----w- c:\program files\Reference Assemblies
2010-01-10 09:59 . 2010-01-10 09:59 -------- d-----w- c:\program files\MSXML 6.0
2010-01-05 19:24 . 2010-01-05 19:24 0 ----a-w- c:\windows\nsreg.dat
2010-01-05 19:18 . 2010-01-05 19:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-01-05 18:55 . 2010-01-05 18:55 0 ----a-w- c:\windows\ativpsrm.bin
2010-01-05 18:53 . 2010-01-02 12:43 -------- d-----w- c:\program files\ATI Technologies
2010-01-05 17:42 . 2010-01-05 17:42 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-02 12:44 . 2010-01-02 12:44 -------- d-----w- c:\program files\Microsoft.NET
2010-01-02 12:33 . 2010-01-02 12:33 -------- d-----w- c:\program files\Alwil Software
2010-01-02 11:52 . 2010-01-02 11:52 -------- d-----w- c:\program files\C-Media 3D Audio
2010-01-02 11:15 . 2010-01-02 11:15 -------- d-----w- c:\program files\microsoft frontpage
2010-01-02 11:11 . 2010-01-02 11:11 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 23:14 . 2010-01-15 20:58 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-17 23:08 . 2010-01-15 20:58 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-17 07:42 . 2010-01-02 11:10 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-18 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2010-01-02 12:33 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2010-01-02 12:33 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2010-01-02 12:33 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:49 . 2010-01-02 12:33 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2010-01-02 12:33 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2010-01-02 12:33 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2010-01-02 12:33 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Luk ç\Nabˇdka Start\Programy\Po spuçtŘnˇ\
netuza32.exe [2008-4-14 23040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" silent
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" -autorun
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"OODefragTray"=c:\program files\OO Software\Defrag\oodtray.exe
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"Ad-Watch"=c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\QIP\\qip.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16.1.2010 0:05 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7.2.2010 10:24 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.2.2010 10:24 20560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 0:12 1044808]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [10.1.2010 10:59 410976]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-02-18 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\3xjtvnaf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL -
FF - component: c:\documents and settings\Lukáš\Data aplikací\Mozilla\Firefox\Profiles\3xjtvnaf.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-19 00:24
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spbk.sys >>UNKNOWN [0x8974D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf764bf28
\Driver\ACPI -> ACPI.sys @ 0xf74a3cb8
\Driver\atapi -> atapi.sys @ 0xf7849b40
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: VIA Rhine II Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7a24bb0
PacketIndicateHandler -> NDIS.sys @ 0xf7a31a21
SendHandler -> NDIS.sys @ 0xf7a0f87b
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="2393EDEB511EA7437DCF9F432A25F7EB62915FE5CB9548B316362153AA458772A7C2301275E5664B177EE80A814413F088D57B3547580EB60299C5956AA383FDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3D5D575E7D6A3B9808FEBC9E127BECC74C75227F98638672422BFB6C201944D6251995E9DC183F4016143D36093EAF181E36744E38B102FC31ABA2C353EB37A3167C2522E0D612C315739D6626F21D98818F27049196F36D0D88C4FB7736EB3B6ADDAC869EBB7C5C437A63C51C7907C47A69A10A019BE2D247140CB156B63DAF10993F04EAE2CD3D28AEA431ECE6D30FCD8F1E52566D67030183F9842FD59A56A8EE418B138BE85A05F6CB8B11F17A2F77332ACED7DB2F94136E6119B29B84C685FDE9935417C5EEC79D153D757686A02468AB773EDDFA640955E81987B714DF324FC794E28D6EFA985313AFF8F59921372756C8378B219322970F3148FA70426ACB3B8D659903BC4FAB2CD07113E635474CB64261228984D179211181DB58D11DC177FE778936BE791C9994A416B7231F19AA66D581325F4027C5ED367320B8F0E407EFA5D1D0C7D9016971506AE6F6BC30E43D99AEAB9248AC71805C80AC643DCAC668F587ACE6E41A7CE0A32067FE529AEDD32C531D4BF87BF185DD64F7068FEDE6775FE5B86FC58B8A62C36B3ACE48461EB87DBCBD809668E5BD1925111227ACEB2FCACDF976D65B1BF94624793E3701A5FE725ADC68192EC2ECDF6C1A42F8C9AE23983F0656ACF50DAB39C5D1E6ED81873F654259FE2BE84E5C788949932DEADC6E1B63092D0C2911841DF18128EF5E1994222CA906AD9AA5D81C6CE7C6A11B762E190341DCECAAAF91E4E95FA6F295071F69F6D701B2A83833F8AB5562E548CE054F8F048CFE90BF657896D148E1864E03F1210037815C4A3FB182842E3F4591186C9AB6A422567097B385D5B85BF4436663D1D4369664F1D65C4C7AB6A4C9BA0F91D956556DDA4343E7E3FBE6318B8B76DA5099CCA14F9DD5028DD0CEC36D999A57AAEF1029628E85D7086807E9D4A261698A299085940B1D2269B80BFDB0D3EAC88AA70AD294FB82BBE8D28EC042D75C94116FD7590E4E10ACACF044E674E236649CB5BE1CFB875F3F2187B82427CB9E5598EF406A7850998AC35318450192359DA7646BEB0805480472688536BCF6E298F93D29B673CA2513C047E7987E83A6DA969492D90E996A9DC0E7B8CE9FA3E83F328238F187CF2316D94BD78F7D2C4B777837F935423F7992920ED7F64F71F41EE1FC53059CC109D4E773518F6F5369C201D42CFDC1C32C6094F82F6D30514F7ECEFCA7897E58CE06E96502B0AA17CA7F0508F66A0C48BCF517574E248B8C429D62E826CF6120715201D95B40"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3864)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Alwil Software\Avast4\setup\avast.setup
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\OO Software\Defrag\oodag.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Opera\opera.exe
c:\windows\system32\rundll32.exe
c:\program files\Spybot - Search & Destroy\SpybotSD.exe
.
**************************************************************************
.
Celkový čas: 2010-02-19 00:56:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-18 23:56
ComboFix2.txt 2010-02-18 22:00
ComboFix3.txt 2010-02-18 20:28

Před spuštěním: Volných bajtů: 24 310 210 560
Po spuštění: Volných bajtů: 24 240 566 272

- - End Of File - - 178BD3A8EFF692A1494863C6885259C7

VIRY.CZ

Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc

Re: Zřejmě mám v pc rootkit, prosím o pomoc