VIRY.CZ

Dobrý deň, prosím o kontrolu logu Pc je bez problémov , ale keď chcem spustiť program Fl studio 9, ktorý pred pár mesiacmi išiel tak mi napíše " Cannot find kctaskpr.mfx ! " a následne sa v pravo dole na monitore ukáže výstraha ESS4 že
" pravdepodobne varianta infiltrácie Win 32 / Agent Trójsky kôň
Info : Vyliečený - Uložený do karanténý "
Robí to vždy po kliknutí na ikonku programu.

Log z RSIT :

Logfile of random's system information tool 1.06 (written by random/random)
Run by MaTiSkOoO at 2010-04-29 13:17:23
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (10%) free of 57 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:17:31, on 29.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
C:\Program Files\Razer\Lycosa\razerhid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Razer\Lycosa\razertra.exe
C:\Program Files\ROCCAT\Kone Mouse\osd.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\MaTiSkOoO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\MaTiSkOoO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\MaTiSkOoO\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\MaTiSkOoO\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\MaTiSkOoO.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Auto Del Temp] C:\WINDOWS\system32\TEMP.cmd
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kone] "C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE"
O4 - HKLM\..\Run: [Lycosa] "C:\Program Files\Razer\Lycosa\razerhid.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\MaTiSkOoO\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 8785 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1004336348-1177238915-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1004336348-1177238915-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-05-20 736360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.6.26.dll [2008-06-26 656696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Auto Del Temp"=C:\WINDOWS\system32\TEMP.cmd [2008-07-31 73]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-09-16 69632]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-04-21 335872]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Kone"=C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE [2009-09-15 180224]
"Lycosa"=C:\Program Files\Razer\Lycosa\razerhid.exe [2008-10-16 147456]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\MaTiSkOoO\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-12-25 135664]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-07-30 40960]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-03-28 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-12-17 116056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kone]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
E:\Program Files\Valve\Steam\Steam.exe [2010-04-27 1238352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-05-21 275768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-21 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\ICQ7.0\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"E:\Program Files\Valve\Steam\SteamApps\m_4th15k0\counter-strike\hl.exe"="E:\Program Files\Valve\Steam\SteamApps\m_4th15k0\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2010-04-23 22:50:12 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-04-23 22:49:42 ----A---- C:\WINDOWS\system32\P1001Vfw.dll
2010-04-23 22:49:42 ----A---- C:\WINDOWS\system32\P1001Twn.ini
2010-04-23 22:49:42 ----A---- C:\WINDOWS\system32\P1001Sti.dll
2010-04-23 22:49:42 ----A---- C:\WINDOWS\system32\P1001Pin.dll
2010-04-23 22:49:35 ----A---- C:\WINDOWS\P1001Cfg.exe
2010-04-23 22:49:25 ----A---- C:\WINDOWS\CtDrvIns.exe
2010-04-23 22:49:13 ----D---- C:\CWebCam
2010-04-23 22:49:13 ----A---- C:\WINDOWS\VfwUpd.exe
2010-04-22 21:03:02 ----A---- C:\WINDOWS\system32\devil.dll
2010-04-22 21:02:51 ----A---- C:\WINDOWS\system32\avisynth.dll
2010-04-22 21:02:42 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2010-04-22 21:02:41 ----D---- C:\Program Files\AviSynth 2.5
2010-04-21 17:43:19 ----D---- C:\Program Files\Image-Line
2010-04-20 20:29:55 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-20 20:29:54 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-20 20:29:53 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-20 20:29:52 ----A---- C:\WINDOWS\system32\java.exe
2010-04-18 02:35:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ableton
2010-04-18 02:35:41 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\Ableton
2010-04-18 02:34:25 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2010-04-18 02:30:39 ----D---- C:\Program Files\Ableton
2010-04-15 18:13:06 ----A---- C:\plug_in.ini
2010-04-15 18:02:06 ----D---- C:\Program Files\VirtualDJ
2010-04-14 16:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 16:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 16:42:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 16:41:23 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 16:40:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 16:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-13 18:15:59 ----D---- C:\Program Files\ASIO4ALL v2
2010-04-13 18:14:16 ----D---- C:\Program Files\VstPlugins
2010-04-13 18:14:04 ----D---- C:\Program Files\Outsim
2010-04-04 21:02:21 ----D---- C:\Program Files\Microsoft Silverlight
2010-04-02 23:44:43 ----D---- C:\Program Files\LogMeIn Hamachi
2010-04-01 19:14:50 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-31 14:02:36 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\Razer
2010-03-31 13:43:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Razer
2010-03-31 13:43:02 ----D---- C:\Program Files\Razer
2010-03-31 13:42:41 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\InstallShield
2010-03-31 13:32:15 ----D---- C:\Program Files\ROCCAT
2010-03-31 12:40:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun

======List of files/folders modified in the last 1 months======

2010-04-29 13:17:29 ----D---- C:\WINDOWS\Prefetch
2010-04-29 13:17:27 ----D---- C:\Program Files\trend micro
2010-04-29 13:17:20 ----D---- C:\WINDOWS\temp
2010-04-29 13:07:12 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\ICQ
2010-04-29 00:20:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-28 11:44:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-26 21:08:59 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\Skype
2010-04-26 19:28:10 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\skypePM
2010-04-25 21:57:06 ----D---- C:\Program Files\Mozilla Firefox
2010-04-24 11:05:01 ----D---- C:\WINDOWS
2010-04-23 22:53:19 ----D---- C:\WINDOWS\system32\drivers
2010-04-23 22:52:32 ----D---- C:\WINDOWS\system32
2010-04-23 22:50:52 ----HD---- C:\WINDOWS\inf
2010-04-22 21:02:41 ----RD---- C:\Program Files
2010-04-21 17:41:59 ----D---- C:\WINDOWS\Debug
2010-04-20 20:30:45 ----SHD---- C:\WINDOWS\Installer
2010-04-20 20:30:45 ----D---- C:\Config.Msi
2010-04-20 20:29:49 ----D---- C:\Program Files\Java
2010-04-18 21:25:29 ----D---- C:\DVDVideoSoft
2010-04-18 10:16:39 ----D---- C:\WINDOWS\WinSxS
2010-04-18 02:31:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-17 15:57:42 ----D---- C:\Downloads
2010-04-14 20:52:46 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-14 16:54:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-14 16:51:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 16:50:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 16:42:49 ----A---- C:\WINDOWS\vbaddin.ini
2010-04-13 21:20:31 ----SD---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\Microsoft
2010-04-12 18:00:33 ----RSD---- C:\WINDOWS\Fonts
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-06 18:16:46 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-06 18:15:05 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-06 17:35:03 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-04-06 17:31:49 ----RSD---- C:\WINDOWS\assembly
2010-04-05 22:59:16 ----D---- C:\WINDOWS\system32\Side 9 Screensaver dir
2010-04-04 19:33:17 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\HPAppData
2010-04-01 00:57:49 ----D---- C:\Program Files\Internet Explorer
2010-03-31 15:37:51 ----D---- C:\Documents and Settings\MaTiSkOoO\Data aplikací\gtk-2.0
2010-03-31 13:43:14 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-31 13:43:11 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-31 12:49:49 ----D---- C:\Program Files\ICQ7.0
2010-03-31 12:40:05 ----D---- C:\Program Files\Common Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-09-21 2278784]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-04-21 729088]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 hidusb;Lycosa HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KoneFltr;ROCCAT Kone; C:\WINDOWS\system32\drivers\Kone.sys [2008-12-11 13056]
R3 LycoFltr;Lycosa Keyboard; C:\WINDOWS\System32\Drivers\Lycosa.sys [2008-05-22 16896]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-28 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-28 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 P1001VID;Creative WebCam (WDM); C:\WINDOWS\system32\DRIVERS\P1001Vid.sys [2002-06-03 311684]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 Razerlow;Diamondback 3G USB Filter Driver; C:\WINDOWS\System32\Drivers\DB3G.sys [2005-04-24 13225]
S3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2009-11-26 34384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2009-09-08 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2009-09-08 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2009-09-08 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-04-21 397312]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-17 238952]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-04-21 516096]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-14 136120]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Dobré ráno, tak log z combofixu sa neche vytvoriť. Spustil som ho v normálnom režime a po dokončení sa pc reštartoval a log sa nevytvoril. Potom som dal núdzový režim ale tam ni combofix nešiel spustiť, na ploche síce bola ikonka "Zástupce Combofix", ktorá odkazovala na C:\Dokumenty\Downloads ale pritom v bol Combofix stiahnutý na ploche. Skúsil som ho stiahnuť ešte raz ale stále to isté, potom som ešte skúsil kontrolu opäť v normálnom režime ale zase sa pc iba reštartoval a nevytvoril sa log

Zkuste ho přejmenovat třeba na Cokoli.com a zkuste spustit.

No takže nakoniec sa podarilo spraviť ten log v safe mode.

ComboFix 10-04-29.05 - MaTiSkOoO 01.05.2010 2:17.11.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.2047.1770 [GMT 2:00]
Running from: c:\documents and settings\MaTiSkOoO\Plocha\cokoli.com.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.com
c:\windows\system32\AVSredirect.dll
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Files Created from 2010-04-01 to 2010-05-01 )))))))))))))))))))))))))))))))
.

2010-04-23 20:53 . 2008-04-13 20:09 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2010-04-23 20:52 . 2008-04-13 20:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2010-04-23 20:52 . 2008-04-13 20:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2010-04-23 20:52 . 2008-04-13 20:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2010-04-23 20:52 . 2008-04-13 20:16 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2010-04-23 20:51 . 2008-04-13 20:16 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2010-04-23 20:50 . 2008-04-14 04:52 57856 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-04-23 20:49 . 2002-06-11 23:02 32768 ----a-w- c:\windows\system32\P1001Pin.dll
2010-04-23 20:49 . 2002-06-03 19:38 311684 ----a-w- c:\windows\system32\drivers\P1001Vid.sys
2010-04-23 20:49 . 2002-05-15 20:02 37876 ----a-w- c:\windows\system32\P1001Sti.dll
2010-04-23 20:49 . 2002-05-02 23:00 49152 ----a-w- c:\windows\system32\P1001Vfw.dll
2010-04-23 20:49 . 2002-04-21 23:02 24576 ----a-w- c:\windows\P1001Cfg.exe
2010-04-23 20:49 . 2002-04-08 23:07 41720 ----a-w- c:\windows\system32\drivers\P1001Cam.sys
2010-04-23 20:49 . 2002-03-19 23:24 61440 ----a-w- c:\windows\CtDrvIns.exe
2010-04-23 20:49 . 2010-04-23 20:49 -------- d-----w- C:\CWebCam
2010-04-23 20:49 . 2001-10-04 08:26 200968 ----a-w- c:\windows\VfwUpd.exe
2010-04-22 19:03 . 2004-02-22 08:11 719872 ----a-w- c:\windows\system32\devil.dll
2010-04-22 19:02 . 2009-09-27 07:39 369152 ----a-w- c:\windows\system32\avisynth.dll
2010-04-22 19:02 . 2010-04-22 19:02 -------- d-----w- c:\program files\AviSynth 2.5
2010-04-21 15:43 . 2010-04-21 15:49 -------- d-----w- c:\program files\Image-Line
2010-04-20 18:29 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-18 00:34 . 2009-06-12 17:53 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-04-18 00:30 . 2010-04-18 00:30 -------- d-----w- c:\program files\Ableton
2010-04-15 16:02 . 2010-04-15 17:53 -------- d-----w- c:\program files\VirtualDJ
2010-04-13 16:15 . 2010-04-18 12:22 -------- d-----w- c:\program files\ASIO4ALL v2
2010-04-13 16:14 . 2010-04-21 15:50 -------- d-----w- c:\program files\VstPlugins
2010-04-13 16:14 . 2010-04-13 16:14 -------- d-----w- c:\program files\Outsim
2010-04-04 19:02 . 2010-04-04 19:02 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-02 21:44 . 2010-04-02 21:44 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-04-01 17:14 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-29 11:17 . 2010-03-20 12:13 -------- d-----w- c:\program files\trend micro
2010-04-20 18:29 . 2009-12-24 20:58 -------- d-----w- c:\program files\Java
2010-04-06 16:16 . 2009-12-25 14:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-06 16:15 . 2009-12-25 14:40 -------- d-----w- c:\program files\Common Files\InstallShield
2010-04-06 15:35 . 2009-12-27 23:27 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-03-31 11:43 . 2010-03-31 11:43 -------- d-----w- c:\program files\Razer
2010-03-31 11:32 . 2010-03-31 11:32 -------- d-----w- c:\program files\ROCCAT
2010-03-31 10:49 . 2010-03-10 15:09 -------- d-----w- c:\program files\ICQ7.0
2010-03-31 10:40 . 2009-12-24 20:58 -------- d-----w- c:\program files\Common Files\Java
2010-03-28 08:53 . 2001-10-25 16:00 431978 ----a-w- c:\windows\system32\perfh005.dat
2010-03-28 08:53 . 2001-10-25 16:00 79044 ----a-w- c:\windows\system32\perfc005.dat
2010-03-25 16:30 . 2010-03-25 16:30 -------- d-----w- c:\program files\Common Files\Steinberg
2010-03-25 16:30 . 2010-03-25 16:29 -------- d-----w- c:\program files\Steinberg
2010-03-25 14:15 . 2010-03-25 14:15 -------- d-----w- c:\program files\Common Files\VST3
2010-03-19 23:50 . 2010-03-19 23:50 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-03-19 23:50 . 2010-03-19 23:50 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-03-19 23:50 . 2010-03-19 23:50 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-03-19 23:50 . 2010-03-19 23:50 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-03-10 15:10 . 2009-12-25 20:19 -------- d-----w- c:\program files\ICQ6Toolbar
2010-03-10 06:17 . 2008-04-27 10:10 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2008-03-01 14:02 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 15:52 . 2010-02-24 15:52 520192 ----a-w- c:\windows\system32\Side 9 Screensaver.scr
2010-02-24 13:11 . 2008-04-14 00:47 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-17 12:09 . 2008-07-30 08:13 2192128 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2008-04-14 06:06 2068992 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2008-04-14 08:51 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2008-04-14 00:30 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-03 13:56 . 2010-02-03 13:56 26176 ---ha-w- c:\windows\system32\drivers\hamachi.sys
2006-05-03 10:06 . 2010-01-08 01:09 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2010-01-08 01:09 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2010-01-08 01:09 216064 --sh--r- c:\windows\system32\nbDX.dll
.

------- Sigcheck -------

[-] 2008-07-30 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2008-07-30 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2008-07-30 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll

[-] 2008-07-30 . DD7E25E20AEBD672DAE7E1D911C2D824 . 1589760 . . [6.00.2900.5512] . . c:\windows\explorer.exe

[-] 2008-08-01 . 4904E891E6C814DE9225400C8DAD494D . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll

[-] 2008-07-30 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\MaTiSkOoO\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-12-25 135664]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-03-28 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Auto Del Temp"="c:\windows\system32\TEMP.cmd" [2008-07-31 73]
"SoundMan"="SOUNDMAN.EXE" [2004-09-16 69632]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 335872]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Kone"="c:\program files\ROCCAT\Kone Mouse\KoneHID.EXE" [2009-09-15 180224]
"Lycosa"="c:\program files\Razer\Lycosa\razerhid.exe" [2008-10-16 147456]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-07-30 40960]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kone

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-12-17 17:43 116056 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 15:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2010-03-30 09:16 1820040 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-04-29 14:44 1238352 ----a-w- e:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Program Files\\Steam\\Steam.exe"=
"e:\\Program Files\\Steam\\steamapps\\m_4th15k0\\counter-strike\\hl.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14477:TCP"= 14477:TCP:BitComet 14477 TCP
"14477:UDP"= 14477:UDP:BitComet 14477 UDP

R3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [31.3.2010 13:32 13056]
R3 LycoFltr;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys [25.12.2009 17:23 16896]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 9:21 468224]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [25.12.2009 17:46 238952]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25.12.2009 22:19 246520]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [25.12.2009 17:46 36608]
S3 P1001VID;Creative WebCam (WDM);c:\windows\system32\drivers\P1001Vid.sys [23.4.2010 22:49 311684]
S3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [13.3.2010 18:40 13225]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [26.11.2009 1:06 34384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 03:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
FF - ProfilePath - c:\documents and settings\MaTiSkOoO\Data aplikací\Mozilla\Firefox\Profiles\86ae5ywb.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=15187&l=dis
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Creative WebCam - c:\windows\CtDrvIns.exe -uninstall USB\VID_041E&PID_400D -plugin P1001Pin.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-01 02:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(228)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'lsass.exe'(284)
c:\windows\system32\SETUPAPI.dll
.
Completion time: 2010-05-01 02:26:31
ComboFix-quarantined-files.txt 2010-05-01 00:26

Pre-Run: 5 446 684 672
Post-Run: 5 464 973 312

- - End Of File - - F5B914D43DF33D83635D853377A3F6AE

3 položky smazány, zbytek logu vypadá čistý.

Oukej, Ďakujem Prajem príjemný zbytok víkendu

Totéž přeji i vám a nemáte zač!