VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu hlučné PC

https://forum.viry.cz:443/viewtopic.php?t=100690

Stránka 1 z 1

Prosím o kontrolu hlučné PC

Napsal: 02 kvě 2010 19:26
od Vnislav
Dnes dopoledne antivir našel v mém PC vir Bubnix.gen!A vir byl antivirem odstraněn, přesto ve stroji není vše v pořádku.

Logfile of random's system information tool 1.06 (written by random/random)
Run by uživatel at 2010-05-02 20:18:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 123 GB (43%) free of 286 GB
Total RAM: 990 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:53, on 2.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Seznam.cz\postak.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uživatel\Dokumenty\Staženo\Google Chrome\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1003251836\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - 0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Search Assistant BHO - {0A94B111-4504-4e26-AB05-E61E474AA38B} - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL
O2 - BHO: Video Download Toolbar Helper - {83BD144C-5E53-4E12-8E99-5A7F1BBF3EA0} - C:\Program Files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Video Download Toolbar IE Browser Helper Object - {B29002A0-87A1-4DC4-AC55-5982034EB61E} - C:\PROGRA~1\VIDEOD~1\V330~1.1\RESOUR~1\VIDEOD~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\1003251836\ICQToolBar.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Video Download Toolbar - {E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - C:\Program Files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1029
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [USIUDF_Eject_Monitor] C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKCU\..\Run: [Namedate] C:\Program Files\Nezmeskej\nezmeskej.exe s s
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: srvaju32.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {50E43D86-A74D-11D0-98CE-004005249458} (AnimatedGif Control) - https://www.mojebanka.cz/jars/confwiz/MVSGif.cab
O16 - DPF: {5F509E42-537E-482B-B66C-145BC170054C} (PhotoUploader Control) - http://sberna.foto.cz/snadno-vlozit-fot ... loader.dll
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.155.225.179:6666/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{85A98C0A-B4CF-4075-B35D-9030675451C2}: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: winmm.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 12176 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-839522115-1801674531-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1482476501-839522115-1801674531-1004UA.job
C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#7600#MY375211YXD4.job
C:\WINDOWS\tasks\HP Usg Daily.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1482476501-839522115-1801674531-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1482476501-839522115-1801674531-1004.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{83FEF0D4-15AE-492D-BD04-699DBC89DEB2}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{B8DEC9F5-7D16-4D4B-9944-748C3866206F}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A94B111-4504-4e26-AB05-E61E474AA38B}]
Ask Search Assistant BHO - C:\Program Files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL [2008-03-13 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83BD144C-5E53-4E12-8E99-5A7F1BBF3EA0}]
Video Download Toolbar Helper - C:\Program Files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll [2010-02-21 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-02 2018368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B29002A0-87A1-4DC4-AC55-5982034EB61E}]
Video Download Toolbar IE Browser Helper Object - C:\PROGRA~1\VIDEOD~1\V330~1.1\RESOUR~1\VIDEOD~1.DLL [2008-11-25 783360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-03-01 1107608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4D76F01-7896-458a-890F-E1F05C46069F}]
Ask Toolbar BHO - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL [2008-03-13 241664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-10-02 2018368]
{F4D76F09-7896-458a-890F-E1F05C46069F} - Ask Toolbar - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL [2008-03-13 241664]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\1003251836\ICQToolBar.dll [2010-01-03 1019128]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{E52BE12D-A44A-4F51-9DC1-34F37A488CC7} - Video Download Toolbar - C:\Program Files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll [2010-02-21 806912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-10-15 14864384]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2006-03-20 327680]
"REGSHAVE"=C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-09-30 155648]
"USB2Check"=C:\WINDOWS\system32\PCLECoInst.dll [2004-04-06 61440]
"USBToolTip"=C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [2004-04-23 192512]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-09-14 157592]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-21 98304]
"ConMet"=C:\Program Files\ConMet\ConMet.exe [2010-04-14 4095488]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"USIUDF_Eject_Monitor"=C:\Program Files\Common Files\Ulead Systems\DVD\USISrv.exe [2004-12-23 81920]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2010-02-21 1093208]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2003-05-07 188416]
"HPHUPD05"=C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe [2003-05-23 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-04-08 212992]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2002-12-17 49152]
"HPHmon05"=C:\WINDOWS\system32\hphmon05.exe [2003-05-23 483328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Namedate"=C:\Program Files\Nezmeskej\nezmeskej.exe [2003-12-24 888832]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-04-08 1953792]
"Google Update"=C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-07-24 133104]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-03-01 451224]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Documents and Settings\uživatel\Nabídka Start\Programy\Po spuštění
srvaju32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="winmm.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\Program Files\ConMet\ConMet.exe"="C:\Program Files\ConMet\ConMet.exe:*:Enabled:Connection Meter"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Program pro přenos souborů"
"C:\Program Files\Radek Chalupa\Kamera 3\Kamera.exe"="C:\Program Files\Radek Chalupa\Kamera 3\Kamera.exe:*:Enabled:Kamera 3"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Alwil Software\Avast4\ashAvast.exe"="C:\Program Files\Alwil Software\Avast4\ashAvast.exe:*:Enabled:avast! Antivirus"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23929d6f-6267-11db-bb27-00167692497a}]
shell\AutoRun\command - H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e504272e-f5c2-11de-9c78-0015830595cc}]
shell\AutoRun\command - K:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5042732-f5c2-11de-9c78-0015830595cc}]
shell\AutoRun\command - K:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fa9ad901-f1db-11de-9c6c-0015830595cc}]
shell\AutoRun\command - K:\StartVMCLite.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fa9ad902-f1db-11de-9c6c-0015830595cc}]
shell\AutoRun\command - K:\StartVMCLite.exe


======List of files/folders created in the last 1 months======

2010-04-22 05:24:32 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-19 15:42:59 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-19 15:42:59 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-19 15:42:59 ----A---- C:\WINDOWS\system32\java.exe
2010-04-19 15:42:59 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-04-14 20:56:22 ----RA---- C:\WINDOWS\system32\hphmon05.exe
2010-04-14 20:56:16 ----A---- C:\WINDOWS\system32\hpzlnt09.dll
2010-04-14 20:56:14 ----A---- C:\WINDOWS\system32\hpzcon09.dll
2010-04-14 19:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 19:05:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 19:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 19:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 19:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 19:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-10 10:32:45 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2010-04-10 10:31:12 ----D---- C:\Program Files\Microsoft Security Essentials
2010-04-10 09:19:14 ----D---- C:\Program Files\Microsoft Silverlight
2010-04-05 13:08:28 ----D---- C:\Program Files\Common Files\PCSuite
2010-04-04 08:56:36 ----D---- C:\WINDOWS\Downloaded Installations

======List of files/folders modified in the last 1 months======

2010-05-02 20:18:48 ----D---- C:\Program Files\trend micro
2010-05-02 19:56:14 ----D---- C:\WINDOWS\Temp
2010-05-02 19:55:33 ----D---- C:\Program Files\ConMet
2010-05-02 19:55:09 ----D---- C:\WINDOWS\system32\Lang
2010-05-02 19:55:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-02 19:52:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-02 18:12:40 ----D---- C:\Documents and Settings\uživatel\Data aplikací\ICQ
2010-05-02 13:22:54 ----D---- C:\Program Files\fotoview32
2010-05-02 10:07:45 ----D---- C:\WINDOWS\Prefetch
2010-05-02 10:03:44 ----D---- C:\WINDOWS
2010-05-02 09:58:45 ----D---- C:\WINDOWS\system32\drivers
2010-05-02 09:54:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-02 09:51:33 ----D---- C:\WINDOWS\system32
2010-04-28 22:25:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Zoom Player
2010-04-28 22:01:27 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-25 07:50:06 ----SHD---- C:\WINDOWS\Installer
2010-04-22 22:25:59 ----D---- C:\ekonom.win
2010-04-22 05:27:29 ----HD---- C:\WINDOWS\inf
2010-04-19 15:42:51 ----D---- C:\Program Files\Java
2010-04-17 17:27:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-14 21:00:37 ----SD---- C:\WINDOWS\Tasks
2010-04-14 20:59:31 ----D---- C:\Program Files\Hewlett-Packard
2010-04-14 20:59:25 ----D---- C:\Program Files\HP
2010-04-14 20:48:29 ----D---- C:\WINDOWS\system32\NtmsData
2010-04-14 19:06:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-14 19:05:51 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 19:05:48 ----A---- C:\WINDOWS\imsins.BAK
2010-04-14 15:57:08 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-10 20:20:08 ----D---- C:\Documents and Settings\uživatel\Data aplikací\Skype
2010-04-10 17:43:59 ----D---- C:\Documents and Settings\uživatel\Data aplikací\skypePM
2010-04-10 11:00:29 ----D---- C:\Program Files
2010-04-10 10:59:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-10 10:31:18 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-06 21:44:48 ----D---- C:\Documents and Settings
2010-04-06 21:13:02 ----D---- C:\Program Files\Mozilla Firefox
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 13:08:28 ----AD---- C:\Program Files\Common Files
2010-04-05 13:08:22 ----D---- C:\Program Files\Common Files\Nokia
2010-04-05 13:04:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-04-04 11:12:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-04 09:00:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-04 08:56:39 ----SD---- C:\Documents and Settings\uživatel\Data aplikací\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2006-10-05 82380]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2009-12-02 149040]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 USIUDF;USIUDF; C:\WINDOWS\System32\Drivers\USIUDF.sys [2004-07-07 292896]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 CX23880;WinFast CX2388x WDM Video Capture.; C:\WINDOWS\system32\drivers\cx88vid.sys [2005-06-28 163584]
R2 CXTUNE;WinFast CX2388x WDM TVTuner.; C:\WINDOWS\system32\drivers\CX88TUNE.sys [2005-06-28 30976]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 CXAVXBAR;WinFast CX2388x WDM Crossbar.; C:\WINDOWS\system32\drivers\cxavxbar.sys [2005-06-28 9728]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2003-09-08 9760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-07-08 51088]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-07-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-07-08 21744]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-10-18 4034048]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ovt519;TRUST 320 SPACEC@M; C:\WINDOWS\System32\Drivers\ov519vid.sys [2003-05-06 163072]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2005-08-24 74752]
R3 ULCDRHlp;ULCDRHlp; C:\WINDOWS\System32\Drivers\ULCDRHlp.sys [2004-12-23 27392]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\Rar$EX02.562\HWiNFO32.SYS []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys []
S3 auaay4ib;auaay4ib; C:\WINDOWS\system32\drivers\auaay4ib.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBEMPIA;Dazzle DVC90 Video Device; C:\WINDOWS\system32\DRIVERS\emDevice.sys [2004-04-06 100957]
S3 emAudio;Dazzle DVC90 Audio Device; C:\WINDOWS\system32\drivers\emAudio.sys [2004-05-05 19584]
S3 FiltUSBEMPIA;USB Device Lower Filter; C:\WINDOWS\system32\DRIVERS\emFilter.sys [2004-04-06 5245]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-04-24 8320]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-28 101120]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 mstrgen;MCCI(r) Firmware Update Driver for MTK; C:\WINDOWS\system32\DRIVERS\mstrgen.sys []
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\WINDOWS\system32\DRIVERS\emScan.sys [2004-04-06 4493]
S3 Ser2pl;MAT Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 STIrUsb;STIrUsb.sys USB-IrDA Adapter; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-09-24 30088]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys []
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2006-12-28 122512]
R2 GEARSecurity;GEARSecurity; C:\WINDOWS\SYSTEM32\GEARSEC.EXE [2003-10-20 53248]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17904]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Prosím o kontrolu hlučné PC

Napsal: 02 kvě 2010 19:35
od Rudy
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Re: Prosím o kontrolu hlučné PC

Napsal: 02 kvě 2010 20:31
od Vnislav
Děkuji, nyní opět vše v normě
Log z ComboFix obsahuje více jak povolených 60000 znaků, celkem má 220404 znaků, co s tím jako přílohu to také nechce vzit .txt není povoleno.

Re: Prosím o kontrolu hlučné PC

Napsal: 02 kvě 2010 21:13
od Rudy
Vynechte Snapshot a zbytek sem nakopírujte.

Re: Prosím o kontrolu hlučné PC

Napsal: 02 kvě 2010 21:20
od Vnislav
Tak snad jsem to pochopil a udělal správně :)

ComboFix 10-05-02.01 - uživatel 02.05.2010 20:48:45.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.990.448 [GMT 2:00]
Spuštěný z: c:\documents and settings\uživatel\Dokumenty\Staženo\Google Chrome\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\WindowsUpdate
c:\windows\eSellerateEngine.dll
c:\windows\system32\csftxctl.ocx
L:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-02 do 2010-05-02 )))))))))))))))))))))))))))))))
.

2010-04-22 03:24 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-19 13:42 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-14 18:56 . 2003-05-23 02:54 483328 ----a-r- c:\windows\system32\hphmon05.exe
2010-04-14 18:56 . 2003-05-07 20:16 155704 ----a-w- c:\windows\system32\hpzlnt09.dll
2010-04-14 18:56 . 2003-05-07 18:59 270336 ----a-w- c:\windows\system32\hpzcon09.dll
2010-04-14 18:55 . 2003-05-23 02:44 6371 ----a-r- c:\windows\system32\hphmon05.dat
2010-04-10 08:32 . 2010-02-24 08:16 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-04-10 08:31 . 2010-04-10 08:31 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-04-10 07:19 . 2010-04-10 07:19 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-06 19:44 . 2010-04-06 19:44 -------- d-----w- c:\documents and settings\uĹľivatel
2010-04-05 11:08 . 2010-04-05 11:08 -------- d-----w- c:\program files\Common Files\PCSuite
2010-04-04 08:00 . 2010-04-14 18:59 18478 ----a-w- c:\windows\HPHins01.dat
2010-04-04 08:00 . 2003-05-23 02:44 4308 ------w- c:\windows\hphmdl01.dat
2010-04-04 06:56 . 2010-04-04 06:56 -------- d-----w- c:\windows\Downloaded Installations

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-02 18:45 . 2006-10-02 03:52 -------- d-----w- c:\program files\ConMet
2010-05-02 18:18 . 2009-05-20 18:58 -------- d-----w- c:\program files\trend micro
2010-05-02 11:22 . 2007-06-05 16:28 -------- d-----w- c:\program files\fotoview32
2010-05-02 07:51 . 2006-10-02 16:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-19 13:42 . 2006-09-28 19:58 -------- d-----w- c:\program files\Java
2010-04-14 18:59 . 2006-10-05 03:40 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-14 18:59 . 2006-10-05 03:43 -------- d-----w- c:\program files\HP
2010-04-05 11:08 . 2009-06-30 14:32 -------- d-----w- c:\program files\Common Files\Nokia
2010-04-04 09:12 . 2004-08-18 14:00 77782 ----a-w- c:\windows\system32\perfc005.dat
2010-04-04 09:12 . 2004-08-18 14:00 429246 ----a-w- c:\windows\system32\perfh005.dat
2010-03-30 19:06 . 2006-09-28 19:58 -------- d-----w- c:\program files\Common Files\Java
2010-03-26 15:32 . 2009-03-10 15:31 -------- d-----w- c:\program files\ICQ6Toolbar
2010-03-25 17:37 . 2010-03-25 17:35 -------- d-----w- c:\program files\ICQ7.1
2010-03-25 17:36 . 2006-09-21 13:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-20 08:30 . 2010-03-20 08:30 -------- d-----w- c:\program files\PC Connectivity Solution
2010-03-20 08:29 . 2009-06-30 14:31 -------- d-----w- c:\program files\Nokia
2010-03-19 04:03 . 2008-11-05 15:22 -------- d-----w- c:\program files\SuperAVConverter
2010-03-10 06:17 . 2004-08-18 14:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2004-08-18 14:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-18 14:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-21 10:56 . 2010-02-21 10:56 292115 ----a-w- c:\windows\Video_Download_Toolbar_Uninstaller_4593.exe
2010-02-16 19:08 . 2004-08-18 14:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2004-08-18 14:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-18 14:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2002-07-26 16:02 . 2007-01-28 13:28 153088 ----a-w- c:\program files\UNWISE.EXE
.


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0A94B116-4504-4e26-AB05-E61E474AA38B}"= "c:\program files\AskPBar\SrchAstt\1.bin\A9SRCHAS.DLL" [2008-03-13 61440]

[HKEY_CLASSES_ROOT\clsid\{0a94b116-4504-4e26-ab05-e61e474aa38b}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83BD144C-5E53-4E12-8E99-5A7F1BBF3EA0}]
2010-02-21 10:56 806912 ----a-w- c:\program files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B29002A0-87A1-4DC4-AC55-5982034EB61E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{E52BE12D-A44A-4F51-9DC1-34F37A488CC7}"= "c:\program files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll" [2010-02-21 806912]

[HKEY_CLASSES_ROOT\clsid\{e52be12d-a44a-4f51-9dc1-34f37a488cc7}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E52BE12D-A44A-4F51-9DC1-34F37A488CC7}"= "c:\program files\Video Download Toolbar\v3.3.0.1\Video_Download_Toolbar.dll" [2010-02-21 806912]

[HKEY_CLASSES_ROOT\clsid\{e52be12d-a44a-4f51-9dc1-34f37a488cc7}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Namedate"="c:\program files\Nezmeskej\nezmeskej.exe" [2003-12-24 888832]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-04-08 1953792]
"Google Update"="c:\documents and settings\uživatel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-07-24 133104]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"RTHDCPL"="RTHDCPL.EXE" [2005-10-15 14864384]
"WinFast Schedule"="c:\program files\WinFast\WFTVFM\WFWIZ.exe" [2006-03-20 327680]
"REGSHAVE"="c:\program files\REGSHAVE\REGSHAVE.EXE" [2002-02-04 53248]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2004-04-06 61440]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-09-14 157592]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-21 98304]
"ConMet"="c:\program files\ConMet\ConMet.exe" [2010-04-14 4095488]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"USIUDF_Eject_Monitor"="c:\program files\Common Files\Ulead Systems\DVD\USISrv.exe" [2004-12-23 81920]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-05-07 188416]
"HPHUPD05"="c:\program files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [2003-05-23 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-04-08 212992]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152]
"HPHmon05"="c:\windows\system32\hphmon05.exe" [2003-05-23 483328]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]

c:\documents and settings\KNOB\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-28 393216]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]

c:\documents and settings\NaÔka\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-28 393216]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-4 393216]

c:\documents and settings\u§ivatel\Nabˇdka Start\Programy\Po spuçtŘnˇ\
srvaju32.exe [2008-4-14 30208]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\ConMet\\ConMet.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Radek Chalupa\\Kamera 3\\Kamera.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 21:45 20616]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.3.2009 17:31 246520]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.10.2006 17:00 611064]
S2 HWiNFO32;HWiNFO32 Kernel Driver;\??\c:\docume~1\UIVATE~1\LOCALS~1\Temp\Rar$EX02.562\HWiNFO32.SYS --> c:\docume~1\UIVATE~1\LOCALS~1\Temp\Rar$EX02.562\HWiNFO32.SYS [?]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys --> c:\windows\system32\DRIVERS\adusbser.sys [?]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 15:58 26248]
S3 mstrgen;MCCI(r) Firmware Update Driver for MTK;c:\windows\system32\DRIVERS\mstrgen.sys --> c:\windows\system32\DRIVERS\mstrgen.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [20.3.2010 10:29 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [20.3.2010 10:30 8320]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [21.9.2006 16:53 9446]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-14 c:\windows\Tasks\HP DArC Task 2003-04-08 07:12ewlett-Packard76002003-04-08 10:45Y375211YXD4.job
- c:\program files\HP\hpcoretech\comp\hpdarc.exe [2003-04-08 10:45]

2010-05-02 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\pexpress\hphped05.exe [2010-04-14 03:03]

2010-05-02 c:\windows\Tasks\User_Feed_Synchronization-{83FEF0D4-15AE-492D-BD04-699DBC89DEB2}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]

2010-05-02 c:\windows\Tasks\User_Feed_Synchronization-{B8DEC9F5-7D16-4D4B-9944-748C3866206F}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
Trusted Zone: mojebanka.cz\www
TCP: {85A98C0A-B4CF-4075-B35D-9030675451C2} = 207.68.160.190 194.25.2.129 208.67.222.222 ,207.68.160.190 194.25.2.129 208.67.222.222
DPF: {50E43D86-A74D-11D0-98CE-004005249458} - hxxps://www.mojebanka.cz/jars/confwiz/MVSGif.cab
DPF: {5F509E42-537E-482B-B66C-145BC170054C} - hxxp://sberna.foto.cz/snadno-vlozit-fotografie/fs/FotoStarPhotoUploader.dll
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://213.155.225.179:6666/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\4r3afqes.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q=
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E} - c:\program files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\setup\hpzscr01.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-02 21:05
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(764)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-05-02 21:09:05
ComboFix-quarantined-files.txt 2010-05-02 19:09
ComboFix2.txt 2009-05-21 19:41

Před spuštěním: Volných bajtů: 132 542 435 328
Po spuštění: Volných bajtů: 134 584 213 504

- - End Of File - - 77F438F579CF44F9F374B44095B6A762

Re: Prosím o kontrolu hlučné PC

Napsal: 02 kvě 2010 21:23
od Rudy
Je to OK. 4 položky CF smazal, zbytek logu vypadá čistý.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz