VIRY.CZ

Dobrý den,
rád bych vás požádal o kontrolu logu. PC se v poslední době velmi zpomalilo. Asi tam běží spousta věcí co běžet nemusí. Děkuji
Logfile of random's system information tool 1.08 (written by random/random)
Run by Kryštof at 2010-11-27 10:44:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 17 GB (29%) free of 60 GB
Total RAM: 1023 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:44:15, on 27.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\system32\lxducoms.exe
C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
D:\Hry\QuickTime\qttask.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Kryštof\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Kryštof.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\IPSBHO.DLL
O2 - BHO: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Lexmark Panel nástrojů - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\coIEPlg.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [lxdumon.exe] "C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe"
O4 - HKLM\..\Run: [lxduamon] "C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Hry\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "D:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5383642859
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxduCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe
O23 - Service: lxdu_device - - C:\WINDOWS\system32\lxducoms.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Armed Assault Drivers Auto Removal (pr2agmlb) (pr2agmlb) - Bohemia Interactive - C:\WINDOWS\system32\pr2agmlb.exe
O23 - Service: Helldorado Drivers Auto Removal (pr2anfab) (pr2anfab) - seven m Kft - C:\WINDOWS\system32\pr2anfab.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\WINDOWS\system32\psrem02.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9475 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}]
Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-04 396144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2C5E510-BE6D-42CC-9F61-E4F939078474}]
Lexmark - C:\Program Files\Lexmark Printable Web\bho.dll [2008-11-03 180224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} - Lexmark Panel nástrojů - C:\Program Files\Lexmark Toolbar\toolband.dll [2009-05-06 372736]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\coIEPlg.dll [2010-09-04 396144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-10-07 131072]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"lxdumon.exe"=C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [2008-05-29 676520]
"lxduamon"=C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe [2008-05-29 16040]
"NPSStartup"= []
"QuickTime Task"=D:\Hry\QuickTime\qttask.exe [2008-09-04 98304]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=D:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2010-03-04 2192672]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AutoStartNPSAgent"=D:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]
"DWQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2008-11-04 435096]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-09-10 218032]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office10\OSA.EXE
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Kryštof\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xFF000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Hry\Team17 Software Ltd\WormsForts\wf.exe"="D:\Hry\Team17 Software Ltd\WormsForts\wf.exe:*:Enabled:wf"
"D:\Hry\UBISOFT\Heroes of Might and Magic V\bin\H5_Game.exe"="D:\Hry\UBISOFT\Heroes of Might and Magic V\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V"
"D:\Hry\Pyro\Commandos 3 - Destination Berlin\Commandos3.exe"="D:\Hry\Pyro\Commandos 3 - Destination Berlin\Commandos3.exe:*:Enabled:Commandos3"
"D:\Hry\OpenArena\ioquake3.x86.exe"="D:\Hry\OpenArena\ioquake3.x86.exe:*:Enabled:ioquake3.x86"
"D:\Hry\5star Gomoku\Gomoku.exe"="D:\Hry\5star Gomoku\Gomoku.exe:*:Enabled:Gomoku"
"D:\Hry\FlatOut2\FlatOut2.exe"="D:\Hry\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"D:\Hry\Cenega Czech\Sid Meier's Civilization III Gold\CIV3PTW\Civilization3X.exe"="D:\Hry\Cenega Czech\Sid Meier's Civilization III Gold\CIV3PTW\Civilization3X.exe:*:Enabled:Civilization3Xd"
"D:\Hry\Eidos\Pyro Studios\Commandos Strike Force\CommXPC.exe"="D:\Hry\Eidos\Pyro Studios\Commandos Strike Force\CommXPC.exe:*:Disabled:CommXPC"
"D:\Hry\TrackMania Sunrise\TmSunrise.exe"="D:\Hry\TrackMania Sunrise\TmSunrise.exe:*:Enabled:TmSunrise"
"D:\Hry\EA SPORTS\UEFA EURO 2008\EURO08.exe"="D:\Hry\EA SPORTS\UEFA EURO 2008\EURO08.exe:*:Enabled:EURO08"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\Hry\Activision\Mat Hoffman's Pro BMX\BMX.exe"="D:\Hry\Activision\Mat Hoffman's Pro BMX\BMX.exe:*:Enabled:BMX"
"D:\Hry\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.exe"="D:\Hry\THQ\Pandemic Studios\Full Spectrum Warrior\Launcher.exe:*:Enabled:Launcher"
"D:\Hry\Call of Duty\CoDUOMP.exe"="D:\Hry\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"D:\Hry\Call of Duty\CoDMP.exe"="D:\Hry\Call of Duty\CoDMP.exe:*:Disabled:CoDMP"
"D:\Hry\UBISOFT\Gearbox Software\BrothersInArms\System\bia.exe"="D:\Hry\UBISOFT\Gearbox Software\BrothersInArms\System\bia.exe:*:Enabled:Brothers In Arms: Road to Hill 30"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Hry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Hry\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"D:\Hry\UBISOFT\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe"="D:\Hry\UBISOFT\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"D:\Hry\UBISOFT\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe"="D:\Hry\UBISOFT\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"D:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="D:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"D:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="D:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Hry\Counter-Strike Source\hl2.exe"="D:\Hry\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\WINDOWS\system32\lxducoms.exe"="C:\WINDOWS\system32\lxducoms.exe:*:Enabled:5600-6600 Series Server"
"D:\Hry\Tony Hawk's Underground 2\Game\THUG2.exe"="D:\Hry\Tony Hawk's Underground 2\Game\THUG2.exe:*:Disabled:THUG2"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe"="D:\Program Files\Steam\steamapps\common\audiosurf\engine\QuestViewer.exe:*:Enabled:Audiosurf"
"D:\Hry\UBISOFT\Assassin's Creed\AssassinsCreed_Dx9.exe"="D:\Hry\UBISOFT\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\Hry\UBISOFT\Assassin's Creed\AssassinsCreed_Dx10.exe"="D:\Hry\UBISOFT\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\Hry\UBISOFT\Assassin's Creed\AssassinsCreed_Launcher.exe"="D:\Hry\UBISOFT\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"D:\Hry\TmNationsForever\TmForever.exe"="D:\Hry\TmNationsForever\TmForever.exe:*:Disabled:TmForever"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-11-27 10:44:03 ----D---- C:\Program Files\trend micro
2010-11-27 10:44:02 ----D---- C:\rsit
2010-11-24 11:04:57 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-11-24 11:02:40 ----D---- C:\Program Files\Nokia
2010-11-21 17:58:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\TmForever
2010-11-20 11:21:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-11-20 10:16:17 ----D---- C:\Program Files\Google
2010-11-20 09:58:42 ----D---- C:\Program Files\Zrychleni Pocitace
2010-11-19 19:42:07 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2010-11-19 19:41:43 ----D---- C:\Documents and Settings\Kryštof\Data aplikací\Telefónica Móviles
2010-11-19 19:40:54 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2010-11-19 19:40:54 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2010-11-19 19:40:54 ----A---- C:\WINDOWS\system32\drivers\ewusbdev.sys
2010-11-19 19:40:54 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2010-11-19 19:39:05 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2010-11-17 15:04:22 ----D---- C:\Documents and Settings\Kryštof\Data aplikací\Ashampoo
2010-11-17 15:04:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2010-11-10 19:33:24 ----D---- C:\Documents and Settings\Kryštof\Data aplikací\DAEMON Tools Lite
2010-11-10 19:33:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-11-03 16:33:06 ----D---- C:\Documents and Settings\Kryštof\Data aplikací\Ubisoft

======List of files/folders modified in the last 1 months======

2010-11-27 10:44:15 ----D---- C:\WINDOWS\Prefetch
2010-11-27 10:44:03 ----RD---- C:\Program Files
2010-11-27 10:44:00 ----D---- C:\WINDOWS\temp
2010-11-27 10:39:28 ----AD---- C:\WINDOWS
2010-11-27 10:38:28 ----SHD---- C:\System Volume Information
2010-11-27 10:37:51 ----D---- C:\WINDOWS\system32\ias
2010-11-27 10:37:49 ----A---- C:\WINDOWS\ModemLog_Sériový kabel mezi dvěma počítači.txt
2010-11-26 21:20:16 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-11-25 12:55:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-25 12:42:54 ----D---- C:\Program Files\Mozilla Thunderbird
2010-11-24 18:15:36 ----D---- C:\Program Files\Mozilla Firefox
2010-11-24 11:05:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-11-24 11:05:07 ----SHD---- C:\WINDOWS\Installer
2010-11-24 11:04:58 ----D---- C:\WINDOWS\system32\drivers
2010-11-24 11:04:57 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-11-24 11:04:56 ----HD---- C:\WINDOWS\inf
2010-11-24 11:04:39 ----D---- C:\Program Files\PC Connectivity Solution
2010-11-24 11:02:41 ----D---- C:\Program Files\Common Files\Nokia
2010-11-24 11:00:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nokia
2010-11-21 19:55:46 ----D---- C:\Documents and Settings
2010-11-21 17:57:50 ----D---- C:\WINDOWS\system32\DirectX
2010-11-21 17:57:48 ----RSD---- C:\WINDOWS\assembly
2010-11-20 11:23:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-20 11:23:11 ----D---- C:\Garmin
2010-11-20 11:21:47 ----RSD---- C:\WINDOWS\Fonts
2010-11-20 11:21:47 ----A---- C:\WINDOWS\win.ini
2010-11-20 11:21:16 ----SD---- C:\WINDOWS\Tasks
2010-11-20 10:44:19 ----A---- C:\ASWL2K.ini
2010-11-20 10:10:56 ----D---- C:\WINDOWS\Debug
2010-11-20 10:10:54 ----D---- C:\WINDOWS\Minidump
2010-11-19 19:42:52 ----D---- C:\WINDOWS\system32
2010-11-19 19:42:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-11-19 19:39:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-11-17 12:25:48 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-12 20:39:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-11-12 20:28:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-03 16:32:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-11-01 16:55:10 ----D---- C:\Program Files\ICQ7.1

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 pe3agmlb;Armed Assault Environment Driver (pe3agmlb); C:\WINDOWS\system32\drivers\pe3agmlb.sys [2007-06-04 65408]
R0 pe3anfab;Helldorado Environment Driver (pe3anfab); C:\WINDOWS\system32\drivers\pe3anfab.sys [2007-10-04 64632]
R0 pf2anfab;Helldorado File System Driver (pf2anfab); C:\WINDOWS\system32\drivers\pf2anfab.sys [2007-10-04 83576]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 ps6agmlb;Armed Assault Synchronization Driver (ps6agmlb); C:\WINDOWS\system32\drivers\ps6agmlb.sys [2007-06-04 55688]
R0 ps7anfab;Helldorado Synchronization Driver (ps7anfab); C:\WINDOWS\system32\drivers\ps7anfab.sys [2007-10-04 68224]
R0 psdrv02;CD Guard Environment Driver (v2); C:\WINDOWS\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\WINDOWS\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-10 691696]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0403000.005\SYMDS.SYS [2009-10-15 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0403000.005\SYMEFA.SYS [2010-04-22 173104]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101104.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0403000.005\ccHPx86.sys [2010-02-26 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0403000.005\SRTSPX.SYS [2010-04-22 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0403000.005\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\0403000.005\SYMTDI.SYS [2010-05-06 361904]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-11-16 20747]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-12-25 278728]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-12-21 18048]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 BCM43XX;Ovladač síťového adaptéru ASUS 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101124.002\IDSxpx86.sys []
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101125.037\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20101125.037\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2004-09-10 52224]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-10-05 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-10-05 12928]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2004-09-10 412032]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\0403000.005\SRTSP.SYS [2010-04-22 325680]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D.sys [2004-07-06 44544]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-05-13 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-05-13 44384]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ae9t5wu4;ae9t5wu4; C:\WINDOWS\system32\drivers\ae9t5wu4.sys []
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\J:\INSTAL~E\Core\BVRPMPR5.SYS []
S3 FXDRV;FXDRV; \??\J:\Fxdrv.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 jgameenp;jgameenp; \??\C:\DOCUME~1\KRYTOF~1\LOCALS~1\Temp\jgameenp.sys []
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-06-24 65024]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer; C:\WINDOWS\system32\DRIVERS\kwflower.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\1BC.tmp []
S3 mirrorv3;mirrorv3; C:\WINDOWS\system32\DRIVERS\rminiv3.sys [2006-11-01 3328]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\WINDOWS\system32\drivers\rkhdrv40.sys []
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-05-13 21440]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-05-13 14720]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-05-13 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-19 153376]
R2 lxdu_device;lxdu_device; C:\WINDOWS\system32\lxducoms.exe [2008-05-23 594600]
R2 N360;Norton 360; C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\ccSvcHst.exe [2010-02-26 126392]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-09-14 66872]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxduserv.exe [2008-05-23 98984]
S2 pr2agmlb;Armed Assault Drivers Auto Removal (pr2agmlb); C:\WINDOWS\system32\pr2agmlb.exe [2007-06-04 407168]
S2 pr2anfab;Helldorado Drivers Auto Removal (pr2anfab); C:\WINDOWS\system32\pr2anfab.exe [2007-10-04 411000]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\WINDOWS\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 BKU;BKU; C:\DOCUME~1\BORUSK~1\LOCALS~1\Temp\BKU.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NFZEXS;NFZEXS; C:\DOCUME~1\BORUSK~1\LOCALS~1\Temp\NFZEXS.exe []

-----------------EOF-----------------

Dobrý večer

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.




Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

tak tady to je:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 5204

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28.11.2010 19:05:47
mbam-log-2010-11-28 (19-05-47).txt

Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 467372
Uplynulý čas: 7 hodina(y), 44 minuta(y), 37 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\Ondra\Plocha\Hry\potrestanie.exe (Joke.Stressreducer) -> No action taken.

Otestujte na www.virustotal.com
C:\Documents and Settings\Ondra\Plocha\Hry\potrestanie.exe


Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

omlouvám se za zpoždění, byl jsem mimo.
Ten soubor potrestanie jsem vymazal. byla to nějaká blbost dětí.

Spustil jsem combofix, ale 2x proběhl celý testa apak se počítač restartoval. tak jsem to zkusil v nouzovém režimu. To již proběhlo a vyvořil se log. jen v průběhu mi počítač oznámil, že musel ukončit program pov.exe

ComboFix 10-12-01.01 - Kryštof 02.12.2010 16:47:20.14.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.795 [GMT 1:00]
Spuštěný z: c:\documents and settings\Kryštof\Plocha\ComboFix.exe
AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
c:\program files\Internet Explorer\plugins\npqtplugin3.dll
c:\program files\Internet Explorer\plugins\npqtplugin4.dll
c:\program files\Internet Explorer\plugins\npqtplugin5.dll
c:\program files\Internet Explorer\plugins\npqtplugin6.dll
c:\program files\Internet Explorer\plugins\npqtplugin7.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin4.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin7.dll
c:\program files\Mozilla Thunderbird\plugins\npqtplugin2.dll
c:\program files\Mozilla Thunderbird\plugins\npqtplugin3.dll
c:\program files\Mozilla Thunderbird\plugins\npqtplugin4.dll
c:\program files\Mozilla Thunderbird\plugins\npqtplugin5.dll
c:\program files\Mozilla Thunderbird\plugins\npqtplugin6.dll
c:\program files\Mozilla Thunderbird\plugins\npqtplugin7.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-02 do 2010-12-02 )))))))))))))))))))))))))))))))
.

2010-11-30 08:03 . 2010-11-30 08:03 1409 ----a-w- c:\windows\QTFont.for
2010-11-28 10:13 . 2010-11-28 10:13 -------- d-----w- c:\documents and settings\Ondra\Data aplikací\Malwarebytes
2010-11-28 10:13 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-28 10:13 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-28 10:13 . 2010-11-28 10:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-27 15:16 . 2010-11-27 15:16 -------- d-----w- c:\program files\CPUID
2010-11-27 11:05 . 2010-11-27 11:05 -------- d-----w- c:\windows\system32\N360_BACKUP
2010-11-27 09:44 . 2010-11-27 09:44 -------- d-----w- c:\program files\trend micro
2010-11-27 09:44 . 2010-11-27 09:44 -------- d-----w- C:\rsit
2010-11-24 10:04 . 2008-08-26 09:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-11-24 10:02 . 2010-11-24 10:02 -------- d-----w- c:\program files\Nokia
2010-11-22 15:13 . 2010-11-22 15:13 -------- d-----w- c:\documents and settings\Ondra\Data aplikací\Telefónica Móviles
2010-11-21 16:58 . 2010-11-21 17:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TmForever
2010-11-20 09:41 . 2010-11-20 09:41 -------- d-----w- c:\documents and settings\Kryštof\Local Settings\Data aplikací\Google
2010-11-20 09:21 . 2010-11-20 09:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2010-11-20 09:16 . 2010-11-20 09:18 -------- d-----w- c:\documents and settings\Borusík\Local Settings\Data aplikací\Temp
2010-11-20 09:16 . 2010-11-20 09:16 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2010-11-20 09:16 . 2010-11-20 10:21 -------- d-----w- c:\program files\Google
2010-11-20 09:16 . 2010-11-20 09:16 -------- d-----w- c:\documents and settings\Borusík\Local Settings\Data aplikací\Google
2010-11-20 08:58 . 2010-11-20 09:40 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-11-20 08:55 . 2010-11-20 08:55 -------- d-----w- c:\documents and settings\Borusík\Data aplikací\Telefónica Móviles
2010-11-19 18:41 . 2010-11-19 18:41 -------- d-----w- c:\documents and settings\Kryštof\Data aplikací\Telefónica Móviles
2010-11-19 18:39 . 2008-04-13 19:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-11-19 18:39 . 2008-04-13 19:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-11-17 14:04 . 2010-11-17 14:04 -------- d-----w- c:\documents and settings\Kryštof\Data aplikací\Ashampoo
2010-11-17 14:04 . 2010-11-17 14:04 -------- d-----w- c:\documents and settings\Kryštof\Local Settings\Data aplikací\ashampoo
2010-11-17 14:04 . 2010-11-17 14:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ashampoo
2010-11-10 18:33 . 2010-11-10 18:40 -------- d-----w- c:\documents and settings\Kryštof\Data aplikací\DAEMON Tools Lite
2010-11-10 18:33 . 2010-11-10 18:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2010-11-09 13:37 . 2010-11-09 13:37 9932 ----a-w- c:\documents and settings\All Users\SPL55.tmp
2010-11-07 13:16 . 2010-11-07 13:16 -------- d-----w- c:\documents and settings\Ondra\Data aplikací\Ubisoft
2010-11-03 15:33 . 2010-11-03 15:33 -------- d-----w- c:\documents and settings\Kryštof\Data aplikací\Ubisoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-17 11:26 . 2007-12-14 07:57 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-17 11:25 . 2007-12-14 07:57 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-10 18:33 . 2009-09-11 15:00 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-26 11:24 . 2010-09-26 11:24 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-09-19 15:05 . 2010-09-19 15:06 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-19 15:05 . 2010-09-19 14:53 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 10:23 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2006-03-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2006-03-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2006-03-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:52 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2006-03-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"="d:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 131072]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"lxdumon.exe"="c:\program files\Lexmark 5600-6600 Series\lxdumon.exe" [2008-05-29 676520]
"lxduamon"="c:\program files\Lexmark 5600-6600 Series\lxduamon.exe" [2008-05-29 16040]
"NPSStartup"="" [BU]
"QuickTime Task"="d:\hry\QuickTime\qttask.exe" [2008-09-04 98304]
"nwiz"="nwiz.exe" [BU]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"NokiaMusic FastStart"="d:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096]

c:\documents and settings\Kryçtof\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - d:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Hry\\Team17 Software Ltd\\WormsForts\\wf.exe"=
"d:\\Hry\\UBISOFT\\Heroes of Might and Magic V\\bin\\H5_Game.exe"=
"d:\\Hry\\Pyro\\Commandos 3 - Destination Berlin\\Commandos3.exe"=
"d:\\Hry\\OpenArena\\ioquake3.x86.exe"=
"d:\\Hry\\5star Gomoku\\Gomoku.exe"=
"d:\\Hry\\FlatOut2\\FlatOut2.exe"=
"d:\\Hry\\Cenega Czech\\Sid Meier's Civilization III Gold\\CIV3PTW\\Civilization3X.exe"=
"d:\\Hry\\Eidos\\Pyro Studios\\Commandos Strike Force\\CommXPC.exe"=
"d:\\Hry\\TrackMania Sunrise\\TmSunrise.exe"=
"d:\\Hry\\EA SPORTS\\UEFA EURO 2008\\EURO08.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"d:\\Hry\\Activision\\Mat Hoffman's Pro BMX\\BMX.exe"=
"d:\\Hry\\THQ\\Pandemic Studios\\Full Spectrum Warrior\\Launcher.exe"=
"d:\\Hry\\Call of Duty\\CoDUOMP.exe"=
"d:\\Hry\\Call of Duty\\CoDMP.exe"=
"d:\\Hry\\UBISOFT\\Gearbox Software\\BrothersInArms\\System\\bia.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Hry\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Hry\\UBISOFT\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"d:\\Hry\\UBISOFT\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"d:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"d:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"d:\\Hry\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\WINDOWS\\system32\\lxducoms.exe"=
"d:\\Hry\\Tony Hawk's Underground 2\\Game\\THUG2.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"d:\\Hry\\UBISOFT\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"d:\\Hry\\UBISOFT\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"d:\\Hry\\UBISOFT\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"d:\\Hry\\TmNationsForever\\TmForever.exe"=

R0 pe3agmlb;Armed Assault Environment Driver (pe3agmlb);c:\windows\system32\drivers\pe3agmlb.sys [4.6.2007 20:01 65408]
R0 pe3anfab;Helldorado Environment Driver (pe3anfab);c:\windows\system32\drivers\pe3anfab.sys [4.10.2007 17:26 64632]
R0 pf2anfab;Helldorado File System Driver (pf2anfab);c:\windows\system32\drivers\pf2anfab.sys [4.10.2007 17:25 83576]
R0 ps6agmlb;Armed Assault Synchronization Driver (ps6agmlb);c:\windows\system32\drivers\ps6agmlb.sys [4.6.2007 20:01 55688]
R0 ps7anfab;Helldorado Synchronization Driver (ps7anfab);c:\windows\system32\drivers\ps7anfab.sys [4.10.2007 17:25 68224]
R0 psdrv02;CD Guard Environment Driver (v2);c:\windows\system32\drivers\psdrv02.sys [11.9.2006 13:01 67960]
R0 pssync05;CD Guard Synchronization Driver (v5);c:\windows\system32\drivers\pssync05.sys [3.11.2006 9:24 61312]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0403000.005\symds.sys [24.9.2010 15:48 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0403000.005\symefa.sys [24.9.2010 15:48 173104]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [11.9.2009 16:00 691696]
S1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [23.11.2010 3:20 691248]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0403000.005\cchpx86.sys [24.9.2010 15:48 501888]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0403000.005\ironx86.sys [24.9.2010 15:48 116784]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [26.12.2009 16:04 233472]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe -service --> c:\windows\system32\lxducoms.exe -service [?]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxduserv.exe [17.2.2010 20:10 98984]
S2 N360;Norton 360;c:\program files\Norton 360\Norton 360\Engine\4.3.0.5\ccsvchst.exe [24.9.2010 15:47 126392]
S2 pr2agmlb;Armed Assault Drivers Auto Removal (pr2agmlb);c:\windows\system32\pr2agmlb.exe svc --> c:\windows\system32\pr2agmlb.exe svc [?]
S2 pr2anfab;Helldorado Drivers Auto Removal (pr2anfab);c:\windows\system32\pr2anfab.exe svc --> c:\windows\system32\pr2anfab.exe svc [?]
S2 psrem02;CD Guard Drivers Auto Removal (v2);c:\windows\system32\psrem02.exe svc --> c:\windows\system32\psrem02.exe svc [?]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12.7.2010 18:23 102448]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [26.12.2009 16:04 36608]
S3 FXDRV;FXDRV;\??\j:\fxdrv.sys --> j:\Fxdrv.sys [?]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys --> c:\windows\system32\DRIVERS\ewdcsc.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]
S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101130.001\IDSXpx86.sys [19.10.2010 21:36 341880]
S3 jgameenp;jgameenp;\??\c:\docume~1\KRYTOF~1\LOCALS~1\Temp\jgameenp.sys --> c:\docume~1\KRYTOF~1\LOCALS~1\Temp\jgameenp.sys [?]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [24.6.2008 9:36 65024]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\windows\system32\DRIVERS\kwflower.sys --> c:\windows\system32\DRIVERS\kwflower.sys [?]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\1BC.tmp --> c:\windows\system32\1BC.tmp [?]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [11.2.2010 17:34 32377]
S3 rkhdrv40;Rootkit Unhooker Driver; [x]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [26.12.2009 16:04 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [26.12.2009 16:04 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [26.12.2009 16:04 121856]
S4 BKU;BKU;c:\docume~1\BORUSK~1\LOCALS~1\Temp\BKU.exe --> c:\docume~1\BORUSK~1\LOCALS~1\Temp\BKU.exe [?]
S4 NFZEXS;NFZEXS;c:\docume~1\BORUSK~1\LOCALS~1\Temp\NFZEXS.exe --> c:\docume~1\BORUSK~1\LOCALS~1\Temp\NFZEXS.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
FF - ProfilePath - c:\documents and settings\Kryštof\Data aplikací\Mozilla\Firefox\Profiles\6z5cakxn.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\Kryštof\Data aplikací\Mozilla\Firefox\Profiles\6z5cakxn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-02 16:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Norton 360\Engine\4.3.0.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Norton 360\Engine\4.3.0.5\diMaster.dll\" /prefetch:1"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\1BC.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1614895754-179605362-839522115-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:bb,76,2a,74,2f,15,5c,df,a0,c3,8f,cc,38,07,04,08,72,27,1e,cd,37,a6,26,
f9,1a,54,6c,f4,ba,fa,fb,2a,f0,15,b7,6d,6c,7e,9f,33,08,45,f6,76,9f,66,fe,b2,\
"??"=hex:7b,24,86,bd,b6,e4,3e,f0,46,f0,1c,8c,14,e8,56,bb

[HKEY_USERS\S-1-5-21-1614895754-179605362-839522115-1006\Software\SecuROM\License information*]
"datasecu"=hex:20,ac,09,7b,b3,49,68,fe,19,8c,5b,6d,0b,2c,f1,0e,79,14,60,ed,75,
e6,fd,94,8e,1b,5d,44,d4,56,0b,ea,22,99,46,f7,b4,48,bf,6d,12,66,54,fa,c0,88,\
"rkeysecu"=hex:e8,65,86,89,be,11,31,b6,e4,d4,88,0f,00,49,0b,23

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2010-12-02 16:54:00
ComboFix-quarantined-files.txt 2010-12-02 15:53

Před spuštěním: Volných bajtů: 34 697 146 368
Po spuštění: Volných bajtů: 34 677 268 480

Current=2 Default=2 Failed=4 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 430298C52BAEA9ED28B25F4C77843744

Ještě něco domažeme, ale poprosím Vás, najděte složku c:\qoobox a upněte mi ji sem jako přílohu. Zdá se že combofix mazal co neměl. Otestuji to a uvidím

zkusil jsem ji zapakovat a přiložil, ale do jednoho adresáře mě nepustil (Backenv)

Takže ty pluginy jsou v pořádku, nevím proč Vám je combofix smazal . Vrátíme je.

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci


Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

S combofixem jsem vše udělal podle návodu. Bohužel pro proběhniutí všech 50fází mi nevytvořil log, ale opět mi restartoval PC. nenechával jsem ho tedy znovu proběhnout v nouzovém režimu, aby případně opět nesmazal stejné soubory. Níže je log z MBAMu a doufám, že už ho nebudu muset opakovat (trvalo to asi 12hodin)

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5204

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4.12.2010 22:02:20
mbam-log-2010-12-04 (22-02-20).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 430060
Time elapsed: 6 hour(s), 33 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Time elapsed: 6 hour(s), 33 minute(s), 50 second(s)

ale i to je dost, asi toho máte na disku hodně . to bylo jen pro jistotu, zda není něco skryto v registrech, mbam je na tohle dobrý

tak 6 hodin ani náhodou. Měří blbě, nebo jen běžící čas. Tím chci říct, že možná tím jak se seká, je to celé delší. Je nějaká šance jak ho zrychlit?

Ještě mrkneme na ty breberky

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

tak tady to je

ComboFix 10-12-11.04 - Ondra 12.12.2010 14:45:48.16.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.430 [GMT 1:00]
Spuštěný z: C:\Documents and Settings\Ondra\Plocha\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-11-12 do 2010-12-12 )))))))))))))))))))))))))))))))
.

2010-12-07 17:42:01 . 2010-12-07 17:42:01 232968 ----a-w- C:\WINDOWS\system32\nvdrsdb0.bin
2010-12-07 17:41:45 . 2010-12-07 17:42:01 1 ----a-w- C:\WINDOWS\system32\nvdrssel.bin
2010-12-07 17:41:45 . 2010-12-07 17:41:45 232968 ----a-w- C:\WINDOWS\system32\nvdrsdb1.bin
2010-12-06 16:41:40 . 2010-12-06 16:41:40 1409 ----a-w- C:\WINDOWS\QTFont.for
2010-11-28 10:13:25 . 2010-11-28 10:13:25 -------- d-----w- C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
2010-11-28 10:13:12 . 2010-04-29 14:39:38 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-11-28 10:13:10 . 2010-04-29 14:39:26 20952 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2010-11-28 10:13:09 . 2010-11-28 10:13:16 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-27 15:16:38 . 2010-11-27 15:16:38 -------- d-----w- C:\Program Files\CPUID
2010-11-27 11:05:32 . 2010-11-27 11:05:32 -------- d-----w- C:\WINDOWS\system32\N360_BACKUP
2010-11-27 09:44:03 . 2010-11-27 09:44:15 -------- d-----w- C:\Program Files\trend micro
2010-11-27 09:44:02 . 2010-11-27 09:44:19 -------- d-----w- C:\rsit
2010-11-24 10:04:57 . 2008-08-26 09:26:12 18816 ----a-w- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-11-24 10:02:40 . 2010-11-24 10:02:40 -------- d-----w- C:\Program Files\Nokia
2010-11-22 15:13:35 . 2010-11-22 15:13:35 -------- d-----w- C:\Documents and Settings\Ondra\Data aplikací\Telefónica Móviles
2010-11-21 16:58:34 . 2010-11-21 17:01:54 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\TmForever
2010-11-20 09:41:33 . 2010-11-20 09:41:33 -------- d-----w- C:\Documents and Settings\Kryštof\Local Settings\Data aplikací\Google
2010-11-20 09:21:00 . 2010-11-20 09:21:00 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
2010-11-20 09:16:38 . 2010-11-20 09:18:46 -------- d-----w- C:\Documents and Settings\Borusík\Local Settings\Data aplikací\Temp
2010-11-20 09:16:36 . 2010-11-20 09:16:36 -------- d-----w- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
2010-11-20 09:16:17 . 2010-11-20 10:21:16 -------- d-----w- C:\Program Files\Google
2010-11-20 09:16:17 . 2010-11-20 09:16:17 -------- d-----w- C:\Documents and Settings\Borusík\Local Settings\Data aplikací\Google
2010-11-20 08:55:43 . 2010-11-20 08:55:43 -------- d-----w- C:\Documents and Settings\Borusík\Data aplikací\Telefónica Móviles
2010-11-19 18:41:43 . 2010-11-19 18:41:43 -------- d-----w- C:\Documents and Settings\Kryštof\Data aplikací\Telefónica Móviles
2010-11-19 18:39:05 . 2008-04-13 19:45:40 32128 -c--a-w- C:\WINDOWS\system32\dllcache\usbccgp.sys
2010-11-19 18:39:05 . 2008-04-13 19:45:40 32128 ----a-w- C:\WINDOWS\system32\drivers\usbccgp.sys
2010-11-17 14:04:22 . 2010-11-17 14:04:22 -------- d-----w- C:\Documents and Settings\Kryštof\Data aplikací\Ashampoo
2010-11-17 14:04:04 . 2010-11-17 14:04:04 -------- d-----w- C:\Documents and Settings\Kryštof\Local Settings\Data aplikací\ashampoo
2010-11-17 14:04:04 . 2010-11-17 14:04:04 -------- d-----w- C:\Documents and Settings\All Users\Data aplikací\ashampoo

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-17 11:26:05 . 2007-12-14 07:57:23 22328 ----a-w- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2010-11-17 11:25:48 . 2007-12-14 07:57:16 103736 ----a-w- C:\WINDOWS\system32\PnkBstrB.exe
2010-11-10 18:33:59 . 2009-09-11 15:00:55 691696 ----a-w- C:\WINDOWS\system32\drivers\sptd.sys
2010-11-09 13:37:06 . 2010-11-09 13:37:06 9932 ----a-w- C:\Documents and Settings\All Users\SPL55.tmp
2010-09-26 11:24:10 . 2010-09-26 11:24:10 43520 ----a-w- C:\WINDOWS\system32\CmdLineExt03.dll
2010-09-19 15:05:36 . 2010-09-19 15:06:09 73728 ----a-w- C:\WINDOWS\system32\javacpl.cpl
2010-09-19 15:05:36 . 2010-09-19 14:53:26 423656 ----a-w- C:\WINDOWS\system32\deployJava1.dll
2010-09-18 10:23:38 . 2006-03-02 12:00:00 974848 ----a-w- C:\WINDOWS\system32\mfc42u.dll
2010-09-18 06:53:37 . 2006-03-02 12:00:00 974848 ----a-w- C:\WINDOWS\system32\mfc42.dll
2010-09-18 06:53:37 . 2006-03-02 12:00:00 954368 ----a-w- C:\WINDOWS\system32\mfc40.dll
2010-09-18 06:53:37 . 2006-03-02 12:00:00 953856 ----a-w- C:\WINDOWS\system32\mfc40u.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-12-02_15.06.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-12 13:31:37 . 2010-12-12 13:31:37 16384 C:\WINDOWS\temp\Perflib_Perfdata_504.dat
+ 2010-12-12 13:29:39 . 2010-12-12 13:29:39 16384 C:\WINDOWS\temp\Perflib_Perfdata_298.dat
+ 2010-12-07 17:40:02 . 2010-01-12 10:03:34 61440 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\OpenCL.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 44544 C:\WINDOWS\system32\pngfilt.dll
+ 2006-03-02 12:00:00 . 2010-12-07 16:55:56 71060 C:\WINDOWS\system32\perfc009.dat
+ 2006-03-02 12:00:00 . 2010-12-07 16:55:56 82372 C:\WINDOWS\system32\perfc005.dat
- 2010-01-12 10:03:34 . 2010-01-12 10:03:34 61440 C:\WINDOWS\system32\OpenCL.dll
+ 2010-01-12 10:03:34 . 2010-07-10 04:38:00 61440 C:\WINDOWS\system32\OpenCL.dll
- 2010-01-11 20:17:40 . 2010-01-11 20:17:40 81920 C:\WINDOWS\system32\nvwddi.dll
+ 2010-07-09 15:24:26 . 2010-07-09 15:24:26 81920 C:\WINDOWS\system32\nvwddi.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:01:12 48128 C:\WINDOWS\system32\mshtmler.dll
- 2006-03-02 12:00:00 . 2009-03-08 02:31:18 48128 C:\WINDOWS\system32\mshtmler.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:32:30 45568 C:\WINDOWS\system32\mshta.exe
- 2006-03-02 12:00:00 . 2009-03-08 02:31:02 45568 C:\WINDOWS\system32\mshta.exe
+ 2007-08-13 17:36:40 . 2007-08-13 17:36:40 12288 C:\WINDOWS\system32\msfeedssync.exe
+ 2007-08-13 17:54:10 . 2010-09-09 13:34:28 52224 C:\WINDOWS\system32\msfeedsbs.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:44:18 40960 C:\WINDOWS\system32\licmgr10.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 27648 C:\WINDOWS\system32\jsproxy.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:39:02 92672 C:\WINDOWS\system32\inseng.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:36:06 36352 C:\WINDOWS\system32\imgutil.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:39:12 55296 C:\WINDOWS\system32\iesetup.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 44544 C:\WINDOWS\system32\iernonce.dll
+ 2009-05-17 13:39:47 . 2010-09-09 13:34:27 78336 C:\WINDOWS\system32\ieencode.dll
+ 2006-03-02 12:00:00 . 2010-09-08 15:57:10 70656 C:\WINDOWS\system32\ie4uinit.exe
+ 2007-08-13 17:36:26 . 2010-09-09 13:34:26 63488 C:\WINDOWS\system32\icardie.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 44544 C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:01:12 48128 C:\WINDOWS\system32\dllcache\mshtmler.dll
- 2006-03-02 12:00:00 . 2009-03-08 02:31:18 48128 C:\WINDOWS\system32\dllcache\mshtmler.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:32:30 45568 C:\WINDOWS\system32\dllcache\mshta.exe
- 2006-03-02 12:00:00 . 2009-03-08 02:31:02 45568 C:\WINDOWS\system32\dllcache\mshta.exe
+ 2007-11-18 15:31:45 . 2010-09-09 13:34:28 52224 C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:44:18 40960 C:\WINDOWS\system32\dllcache\licmgr10.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 27648 C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:39:02 92672 C:\WINDOWS\system32\dllcache\inseng.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:36:06 36352 C:\WINDOWS\system32\dllcache\imgutil.dll
- 2007-11-18 15:31:45 . 2009-02-20 10:20:49 13824 C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2007-11-18 15:31:45 . 2010-09-08 15:57:10 13824 C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2006-03-02 12:00:00 . 2007-08-13 17:39:12 55296 C:\WINDOWS\system32\dllcache\iesetup.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 44544 C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2009-05-17 13:39:47 . 2010-09-09 13:34:27 78336 C:\WINDOWS\system32\dllcache\ieencode.dll
+ 2006-03-02 12:00:00 . 2010-09-08 15:57:10 70656 C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2007-11-18 15:31:45 . 2010-09-09 13:34:26 63488 C:\WINDOWS\system32\dllcache\icardie.dll
+ 2007-10-22 14:24:05 . 2007-08-13 17:18:02 60416 C:\WINDOWS\system32\dllcache\hmmapi.dll
+ 2010-09-09 13:34:26 . 2010-09-09 13:34:26 17408 C:\WINDOWS\system32\dllcache\corpol.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:39:20 71680 C:\WINDOWS\system32\dllcache\admparse.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 17408 C:\WINDOWS\system32\corpol.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:39:20 71680 C:\WINDOWS\system32\admparse.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:48 44544 C:\WINDOWS\ie7updates\KB2360131-IE7\pngfilt.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:45 52224 C:\WINDOWS\ie7updates\KB2360131-IE7\msfeedsbs.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:45 27648 C:\WINDOWS\ie7updates\KB2360131-IE7\jsproxy.dll
+ 2010-12-07 17:16:19 . 2009-02-20 10:20:49 13824 C:\WINDOWS\ie7updates\KB2360131-IE7\ieudinit.exe
+ 2010-12-07 17:16:17 . 2009-02-20 17:13:44 44544 C:\WINDOWS\ie7updates\KB2360131-IE7\iernonce.dll
+ 2010-12-07 17:16:19 . 2009-02-20 17:13:49 78336 C:\WINDOWS\ie7updates\KB2360131-IE7\ieencode.dll
+ 2010-12-07 17:16:19 . 2009-02-20 10:20:49 70656 C:\WINDOWS\ie7updates\KB2360131-IE7\ie4uinit.exe
+ 2010-12-07 17:16:19 . 2009-02-20 17:13:42 63488 C:\WINDOWS\ie7updates\KB2360131-IE7\icardie.dll
+ 2010-12-07 17:16:19 . 2008-04-14 03:21:38 35328 C:\WINDOWS\ie7updates\KB2360131-IE7\corpol.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:29 832512 C:\WINDOWS\system32\wininet.dll
+ 2007-08-13 17:45:16 . 2007-08-13 17:45:16 206336 C:\WINDOWS\system32\winfxdocobj.exe
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:29 233472 C:\WINDOWS\system32\webcheck.dll
+ 2006-03-02 12:00:00 . 2010-03-09 11:11:23 430080 C:\WINDOWS\system32\vbscript.dll
- 2006-03-02 12:00:00 . 2009-03-08 02:34:28 105984 C:\WINDOWS\system32\url.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 105984 C:\WINDOWS\system32\url.dll
+ 2010-12-07 17:40:24 . 2010-01-12 10:03:34 592488 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvudisp.exe
+ 2010-12-07 17:40:24 . 2010-01-12 10:03:34 182888 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvcod.dll
+ 2006-03-02 12:00:00 . 2010-12-07 16:55:56 441124 C:\WINDOWS\system32\perfh009.dat
+ 2006-03-02 12:00:00 . 2010-12-07 16:55:56 437558 C:\WINDOWS\system32\perfh005.dat
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 102912 C:\WINDOWS\system32\occache.dll
+ 2007-11-17 08:41:44 . 2010-07-10 04:38:00 604776 C:\WINDOWS\system32\NVUNINST.EXE
+ 2007-11-17 09:13:43 . 2010-07-10 04:38:00 604776 C:\WINDOWS\system32\nvudisp.exe
+ 2010-07-09 15:24:16 . 2010-07-09 15:24:16 155752 C:\WINDOWS\system32\nvsvc32.exe
+ 2010-07-09 15:24:18 . 2010-07-09 15:24:18 110696 C:\WINDOWS\system32\nvmctray.dll
- 2010-01-11 20:17:44 . 2010-01-11 20:17:44 110696 C:\WINDOWS\system32\nvmctray.dll
+ 2010-07-09 15:24:18 . 2010-07-09 15:24:18 277608 C:\WINDOWS\system32\nvmccs.dll
+ 2010-07-09 15:24:16 . 2010-07-09 15:24:16 145000 C:\WINDOWS\system32\nvcolor.exe
- 2010-01-11 20:17:44 . 2010-01-11 20:17:44 145000 C:\WINDOWS\system32\nvcolor.exe
+ 2005-02-23 23:32:00 . 2010-07-10 04:38:00 236136 C:\WINDOWS\system32\nvcodins.dll
+ 2005-02-23 23:32:00 . 2010-07-10 04:38:00 236136 C:\WINDOWS\system32\nvcod.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 671232 C:\WINDOWS\system32\mstime.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 193024 C:\WINDOWS\system32\msrating.dll
- 2006-03-02 12:00:00 . 2009-03-08 02:22:38 156160 C:\WINDOWS\system32\msls31.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:54:10 156160 C:\WINDOWS\system32\msls31.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 478208 C:\WINDOWS\system32\mshtmled.dll
+ 2007-08-13 17:54:10 . 2010-09-09 13:34:28 468480 C:\WINDOWS\system32\msfeeds.dll
+ 2006-03-02 12:00:00 . 2009-08-13 15:24:20 512000 C:\WINDOWS\system32\jscript.dll
+ 2007-08-13 17:54:10 . 2007-08-13 17:54:10 180736 C:\WINDOWS\system32\ieui.dll
+ 2007-08-13 17:34:04 . 2010-09-09 13:34:27 268288 C:\WINDOWS\system32\iertutil.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 192512 C:\WINDOWS\system32\iepeers.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 384512 C:\WINDOWS\system32\iedkcs32.dll
+ 2007-07-11 11:27:48 . 2010-09-09 13:34:27 380928 C:\WINDOWS\system32\ieapfltr.dll
+ 2006-03-02 12:00:00 . 2010-08-25 11:29:05 161792 C:\WINDOWS\system32\ieakui.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 230400 C:\WINDOWS\system32\ieaksie.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 153088 C:\WINDOWS\system32\ieakeng.dll
+ 2007-10-22 16:11:20 . 2010-12-07 17:20:12 170688 C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-03-02 12:00:00 . 2009-02-20 17:13:42 133120 C:\WINDOWS\system32\extmgr.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 133120 C:\WINDOWS\system32\extmgr.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 214528 C:\WINDOWS\system32\dxtrans.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 347136 C:\WINDOWS\system32\dxtmsft.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:29 832512 C:\WINDOWS\system32\dllcache\wininet.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:29 233472 C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2007-10-22 14:24:44 . 2008-05-27 17:26:33 765952 C:\WINDOWS\system32\dllcache\vgx.dll
+ 2008-05-09 10:56:13 . 2010-03-09 11:11:23 430080 C:\WINDOWS\system32\dllcache\vbscript.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 105984 C:\WINDOWS\system32\dllcache\url.dll
- 2006-03-02 12:00:00 . 2009-03-08 02:34:28 105984 C:\WINDOWS\system32\dllcache\url.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 102912 C:\WINDOWS\system32\dllcache\occache.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 671232 C:\WINDOWS\system32\dllcache\mstime.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 193024 C:\WINDOWS\system32\dllcache\msrating.dll
+ 2006-03-02 12:00:00 . 2007-08-13 17:54:10 156160 C:\WINDOWS\system32\dllcache\msls31.dll
- 2006-03-02 12:00:00 . 2009-03-08 02:22:38 156160 C:\WINDOWS\system32\dllcache\msls31.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 478208 C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-11-18 15:31:45 . 2010-09-09 13:34:28 468480 C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-05-09 10:56:13 . 2009-08-13 15:24:20 512000 C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-10-22 14:24:05 . 2010-08-25 11:30:33 634648 C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2007-11-18 15:31:45 . 2010-09-09 13:34:27 268288 C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 192512 C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 384512 C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2007-11-18 15:31:45 . 2010-09-09 13:34:27 380928 C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2006-03-02 12:00:00 . 2010-08-25 11:29:05 161792 C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 230400 C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:27 153088 C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2006-03-02 12:00:00 . 2009-02-20 17:13:42 133120 C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 133120 C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 214528 C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 347136 C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 124928 C:\WINDOWS\system32\dllcache\advpack.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:26 124928 C:\WINDOWS\system32\advpack.dll
+ 2010-12-07 17:16:15 . 2009-03-03 00:14:11 826368 C:\WINDOWS\ie7updates\KB2360131-IE7\wininet.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:49 233472 C:\WINDOWS\ie7updates\KB2360131-IE7\webcheck.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:48 105984 C:\WINDOWS\ie7updates\KB2360131-IE7\url.dll
+ 2010-12-07 17:16:20 . 2010-02-22 14:21:10 391032 C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\updspapi.dll
+ 2010-12-07 17:16:20 . 2010-02-22 14:20:59 233848 C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:48 102912 C:\WINDOWS\ie7updates\KB2360131-IE7\occache.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:48 671232 C:\WINDOWS\ie7updates\KB2360131-IE7\mstime.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:48 193024 C:\WINDOWS\ie7updates\KB2360131-IE7\msrating.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:47 477696 C:\WINDOWS\ie7updates\KB2360131-IE7\mshtmled.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:45 459264 C:\WINDOWS\ie7updates\KB2360131-IE7\msfeeds.dll
+ 2010-12-07 17:16:19 . 2009-02-28 04:54:41 636072 C:\WINDOWS\ie7updates\KB2360131-IE7\iexplore.exe
+ 2010-12-07 17:16:17 . 2009-02-20 17:13:44 268288 C:\WINDOWS\ie7updates\KB2360131-IE7\iertutil.dll
+ 2010-12-07 17:16:17 . 2007-08-13 17:54:10 191488 C:\WINDOWS\ie7updates\KB2360131-IE7\iepeers.dll
+ 2010-12-07 17:16:17 . 2009-02-20 17:13:42 385024 C:\WINDOWS\ie7updates\KB2360131-IE7\iedkcs32.dll
+ 2010-12-07 17:16:17 . 2009-02-20 17:13:42 383488 C:\WINDOWS\ie7updates\KB2360131-IE7\ieapfltr.dll
+ 2010-12-07 17:16:18 . 2009-02-20 05:14:12 161792 C:\WINDOWS\ie7updates\KB2360131-IE7\ieakui.dll
+ 2010-12-07 17:16:18 . 2009-02-20 17:13:42 230400 C:\WINDOWS\ie7updates\KB2360131-IE7\ieaksie.dll
+ 2010-12-07 17:16:18 . 2009-02-20 17:13:42 153088 C:\WINDOWS\ie7updates\KB2360131-IE7\ieakeng.dll
+ 2010-12-07 17:16:19 . 2009-02-20 17:13:42 133120 C:\WINDOWS\ie7updates\KB2360131-IE7\extmgr.dll
+ 2010-12-07 17:16:19 . 2009-02-20 17:13:42 214528 C:\WINDOWS\ie7updates\KB2360131-IE7\dxtrans.dll
+ 2010-12-07 17:16:19 . 2009-02-20 17:13:42 347136 C:\WINDOWS\ie7updates\KB2360131-IE7\dxtmsft.dll
+ 2010-12-07 17:16:19 . 2009-02-20 17:13:41 124928 C:\WINDOWS\ie7updates\KB2360131-IE7\advpack.dll
+ 2009-05-17 13:39:47 . 2006-09-06 16:42:22 215776 C:\WINDOWS\ie7\spuninst\spuninst.exe
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 1168384 C:\WINDOWS\system32\urlmon.dll
+ 2010-12-07 17:40:19 . 2010-01-12 10:03:34 2283526 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvdata.bin
+ 2010-12-07 17:40:17 . 2010-01-12 10:03:34 2259560 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvcuvid.dll
+ 2010-12-07 17:40:12 . 2010-01-12 10:03:34 4077672 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvcuvenc.dll
+ 2010-12-07 17:40:08 . 2010-01-12 10:03:34 4104192 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvcuda.dll
+ 2010-12-07 17:40:03 . 2010-01-12 10:03:34 1081344 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvapi.dll
+ 2010-12-07 17:40:02 . 2010-01-12 10:03:34 6359168 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nv4_disp.dll
+ 2010-01-12 10:03:34 . 2010-07-10 04:38:00 2195030 C:\WINDOWS\system32\nvdata.bin
+ 2010-01-12 10:03:34 . 2010-07-10 04:38:00 2914408 C:\WINDOWS\system32\nvcuvid.dll
+ 2010-01-12 10:03:34 . 2010-07-10 04:38:00 2506344 C:\WINDOWS\system32\nvcuvenc.dll
+ 2008-09-17 21:55:00 . 2010-07-10 04:38:00 4595712 C:\WINDOWS\system32\nvcuda.dll
+ 2008-09-17 21:55:00 . 2010-07-10 04:38:00 1388544 C:\WINDOWS\system32\nvapi.dll
+ 2005-02-23 23:32:00 . 2010-07-10 04:38:00 6343040 C:\WINDOWS\system32\nv4_disp.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 3601920 C:\WINDOWS\system32\mshtml.dll
+ 2007-08-13 17:54:10 . 2010-09-09 13:34:27 6075904 C:\WINDOWS\system32\ieframe.dll
+ 2007-02-12 15:10:12 . 2010-07-05 20:32:05 2452872 C:\WINDOWS\system32\ieapfltr.dat
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 1168384 C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2006-03-02 12:00:00 . 2010-09-09 13:34:28 3601920 C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-11-18 15:31:45 . 2010-09-09 13:34:27 6075904 C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2007-11-18 15:31:45 . 2010-07-05 20:32:05 2452872 C:\WINDOWS\system32\dllcache\ieapfltr.dat
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:49 1160192 C:\WINDOWS\ie7updates\KB2360131-IE7\urlmon.dll
+ 2010-12-07 17:16:15 . 2009-02-20 17:13:47 3595264 C:\WINDOWS\ie7updates\KB2360131-IE7\mshtml.dll
+ 2010-12-07 17:16:17 . 2009-02-20 17:13:44 6066176 C:\WINDOWS\ie7updates\KB2360131-IE7\ieframe.dll
+ 2010-12-07 17:16:17 . 2008-07-09 14:25:57 2455488 C:\WINDOWS\ie7updates\KB2360131-IE7\ieapfltr.dat
+ 2010-12-07 17:40:20 . 2010-01-12 10:03:34 14458880 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvoglnt.dll
+ 2010-12-07 17:40:04 . 2010-01-12 10:03:34 11632640 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nvcompiler.dll
+ 2010-12-07 17:40:00 . 2010-01-12 10:03:34 10276768 C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\nv4_mini.sys
+ 2005-02-23 23:32:00 . 2010-07-10 04:38:00 13549568 C:\WINDOWS\system32\nvoglnt.dll
+ 2010-07-09 15:24:16 . 2010-07-09 15:24:16 13923432 C:\WINDOWS\system32\nvcpl.dll
+ 2010-01-12 10:03:34 . 2010-07-10 04:38:00 10260480 C:\WINDOWS\system32\nvcompiler.dll
+ 2005-02-23 23:32:00 . 2010-07-10 04:38:00 10604128 C:\WINDOWS\system32\drivers\nv4_mini.sys
+ 2005-02-23 23:32:00 . 2010-07-10 04:38:00 10604128 C:\WINDOWS\system32\dllcache\nv4_mini.sys
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="C:\Program Files\ICQ7.1\ICQ.exe" [2010-10-27 12:20:45 133432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 16:53:06 131072]
"lxdumon.exe"="C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe" [2008-05-29 13:04:45 676520]
"lxduamon"="C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe" [2008-05-29 13:04:43 16040]
"nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 22:52:40 1753192]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2010-07-09 15:24:18 110696]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2010-07-09 15:24:16 13923432]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 03:22:17 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 23:44:24 435096]

C:\Documents and Settings\Ondra\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^Kryštof^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=C:\Documents and Settings\Kryštof\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=C:\WINDOWS\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16:00 39792 ----a-w- D:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22:36 1695232 ------w- C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-04 13:22:57 98304 ----a-w- D:\Hry\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44:46 248552 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"D:\\Hry\\Team17 Software Ltd\\WormsForts\\wf.exe"=
"D:\\Hry\\UBISOFT\\Heroes of Might and Magic V\\bin\\H5_Game.exe"=
"D:\\Hry\\Pyro\\Commandos 3 - Destination Berlin\\Commandos3.exe"=
"D:\\Hry\\OpenArena\\ioquake3.x86.exe"=
"D:\\Hry\\5star Gomoku\\Gomoku.exe"=
"D:\\Hry\\FlatOut2\\FlatOut2.exe"=
"D:\\Hry\\Cenega Czech\\Sid Meier's Civilization III Gold\\CIV3PTW\\Civilization3X.exe"=
"D:\\Hry\\Eidos\\Pyro Studios\\Commandos Strike Force\\CommXPC.exe"=
"D:\\Hry\\EA SPORTS\\UEFA EURO 2008\\EURO08.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"D:\\Hry\\Activision\\Mat Hoffman's Pro BMX\\BMX.exe"=
"D:\\Hry\\THQ\\Pandemic Studios\\Full Spectrum Warrior\\Launcher.exe"=
"D:\\Hry\\Call of Duty\\CoDUOMP.exe"=
"D:\\Hry\\Call of Duty\\CoDMP.exe"=
"D:\\Hry\\UBISOFT\\Gearbox Software\\BrothersInArms\\System\\bia.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"D:\\Hry\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"D:\\Hry\\UBISOFT\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"D:\\Hry\\UBISOFT\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"D:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"D:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"D:\\Hry\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\WINDOWS\\system32\\lxducoms.exe"=
"D:\\Hry\\Tony Hawk's Underground 2\\Game\\THUG2.exe"=
"C:\\Program Files\\ICQ7.1\\ICQ.exe"=
"C:\\Program Files\\ICQ7.1\\aolload.exe"=
"D:\\Hry\\UBISOFT\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"D:\\Hry\\UBISOFT\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"D:\\Hry\\UBISOFT\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=

R0 pe3agmlb;Armed Assault Environment Driver (pe3agmlb);C:\WINDOWS\system32\drivers\pe3agmlb.sys [4.6.2007 20:01:45 65408]
R0 pe3anfab;Helldorado Environment Driver (pe3anfab);C:\WINDOWS\system32\drivers\pe3anfab.sys [4.10.2007 17:26:30 64632]
R0 pf2anfab;Helldorado File System Driver (pf2anfab);C:\WINDOWS\system32\drivers\pf2anfab.sys [4.10.2007 17:25:51 83576]
R0 ps6agmlb;Armed Assault Synchronization Driver (ps6agmlb);C:\WINDOWS\system32\drivers\ps6agmlb.sys [4.6.2007 20:01:20 55688]
R0 ps7anfab;Helldorado Synchronization Driver (ps7anfab);C:\WINDOWS\system32\drivers\ps7anfab.sys [4.10.2007 17:25:03 68224]
R0 psdrv02;CD Guard Environment Driver (v2);C:\WINDOWS\system32\drivers\psdrv02.sys [11.9.2006 13:01:44 67960]
R0 pssync05;CD Guard Synchronization Driver (v5);C:\WINDOWS\system32\drivers\pssync05.sys [3.11.2006 9:24:01 61312]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [5.7.2006 13:46:06 63352]
R0 sptd;sptd;C:\WINDOWS\system32\drivers\sptd.sys [11.9.2009 16:00:55 691696]
R0 SymDS;Symantec Data Store;C:\WINDOWS\system32\drivers\N360\0403000.005\symds.sys [24.9.2010 15:48:07 328752]
R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\system32\drivers\N360\0403000.005\symefa.sys [24.9.2010 15:48:07 173104]
R1 BHDrvx86;BHDrvx86;C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [23.11.2010 3:20:07 691248]
R1 ccHP;Symantec Hash Provider;C:\WINDOWS\system32\drivers\N360\0403000.005\cchpx86.sys [24.9.2010 15:48:07 501888]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\system32\drivers\N360\0403000.005\ironx86.sys [24.9.2010 15:48:07 116784]
R2 FsUsbExService;FsUsbExService;C:\WINDOWS\system32\FsUsbExService.Exe [26.12.2009 16:04:12 233472]
R2 lxdu_device;lxdu_device;C:\WINDOWS\system32\lxducoms.exe -service --> C:\WINDOWS\system32\lxducoms.exe -service [?]
R2 N360;Norton 360;C:\Program Files\Norton 360\Norton 360\Engine\4.3.0.5\ccsvchst.exe [24.9.2010 15:47:13 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12.7.2010 18:23:46 102448]
R3 FsUsbExDisk;FsUsbExDisk;C:\WINDOWS\system32\FsUsbExDisk.Sys [26.12.2009 16:04:12 36608]
R3 IDSxpx86;IDSxpx86;C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20101208.001\IDSXpx86.sys [8.12.2010 18:26:16 341944]
S0 Lbd;Lbd;C:\WINDOWS\system32\DRIVERS\Lbd.sys --> C:\WINDOWS\system32\DRIVERS\Lbd.sys [?]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;C:\WINDOWS\system32\spool\drivers\w32x86\3\lxduserv.exe [17.2.2010 20:10:33 98984]
S2 pr2agmlb;Armed Assault Drivers Auto Removal (pr2agmlb);C:\WINDOWS\system32\pr2agmlb.exe svc --> C:\WINDOWS\system32\pr2agmlb.exe svc [?]
S2 pr2anfab;Helldorado Drivers Auto Removal (pr2anfab);C:\WINDOWS\system32\pr2anfab.exe svc --> C:\WINDOWS\system32\pr2anfab.exe svc [?]
S2 psrem02;CD Guard Drivers Auto Removal (v2);C:\WINDOWS\system32\psrem02.exe svc --> C:\WINDOWS\system32\psrem02.exe svc [?]
S3 FXDRV;FXDRV;\??\J:\Fxdrv.sys --> J:\Fxdrv.sys [?]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;C:\WINDOWS\system32\DRIVERS\ewdcsc.sys --> C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [?]
S3 hwusbdev;Huawei DataCard USB PNP Device;C:\WINDOWS\system32\DRIVERS\ewusbdev.sys --> C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [?]
S3 jgameenp;jgameenp;\??\C:\DOCUME~1\KRYTOF~1\LOCALS~1\Temp\jgameenp.sys --> C:\DOCUME~1\KRYTOF~1\LOCALS~1\Temp\jgameenp.sys [?]
S3 kvpndev;Kerio VPN adapter;C:\WINDOWS\system32\drivers\kvpndrv.sys [24.6.2008 9:36:14 65024]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;C:\WINDOWS\system32\DRIVERS\kwflower.sys --> C:\WINDOWS\system32\DRIVERS\kwflower.sys [?]
S3 PRODIGY;PRODIGY;C:\WINDOWS\system32\drivers\prodigy.sys [11.2.2010 17:34:46 32377]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:\WINDOWS\system32\drivers\ss_bbus.sys [26.12.2009 16:04:29 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:\WINDOWS\system32\drivers\ss_bmdfl.sys [26.12.2009 16:04:29 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:\WINDOWS\system32\drivers\ss_bmdm.sys [26.12.2009 16:04:29 121856]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/skinit/icq/
uInternet Connection Wizard,ShellNext = "C:\Program Files\Outlook Express\msimn.exe"
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
FF - ProfilePath - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\eq57nob5.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.6&q=
FF - component: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: D:\Hry\QuickTime\Plugins\npqtplugin7.dll
FF - plugin: D:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll
FF - HiddenExt: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\eq57nob5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Firefox\Profiles\eq57nob5.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - C:\Program Files\Java\jre6\lib\deploy\jqs\ff

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka
-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci