antivir.cz - cannot be closed

Posted: 03 Feb 2011 01:53
by Majkl55
Hello, somehow some kind of parasite called "antivir.cz" or something like that got into my notebook; it presents itself as a part of Windows (and directs me to buy a license). It cannot be closed in any way, and it has made it impossible for me to install or even just launch any programs. It also blocks my internet. Through safe mode I restored the system and rolled it back by one day, so that I could at least get unstuck.
Thanks a lot for the check.

Here is the log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Michal Brož at 2011-02-03 00:47:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (28%) free of 80 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:47:22, on 3.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\O2\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\O2 Assistant\bin\tgsrvc.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\O2\bin\sprtcmd.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\O2 Assistant\bin\sprtcmd.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Opera 10 Beta\Opera.exe
C:\Documents and Settings\Michal Brož\Plocha\RSIT.exe
C:\Program Files\trend micro\Michal Brož.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ati.amd.com/online/cccwelcome/re ... n.asp?id=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: vShare Plugin - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTo1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Startup Cleaner] C:\Program Files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [O2] "C:\Program Files\O2\bin\sprtcmd.exe" /P O2
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [O2DA] "C:\Program Files\O2 Assistant\bin\sprtcmd.exe" /P O2DA
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.broadband.o2.co.uk
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3407494625
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (O2) (sprtsvc_O2) - SupportSoft, Inc. - C:\Program Files\O2\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (O2DA) (sprtsvc_O2DA) - SupportSoft, Inc. - C:\Program Files\O2 Assistant\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SupportSoft Repair Service (O2DA) (tgsrvc_O2DA) - SupportSoft, Inc. - C:\Program Files\O2 Assistant\bin\tgsrvc.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

--
End of file - 11022 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-MAJKL-Michal Brož.job
C:\WINDOWS\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}]
vShare Plugin - C:\Program Files\vShare\vshare_toolbar.dll [2010-08-17 431720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2010-12-25 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-25 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{043C5167-00BB-4324-AF7E-62013FAEDACF} - vShare Plugin - C:\Program Files\vShare\vshare_toolbar.dll [2010-08-17 431720]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTo1.dll [2010-12-25 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2010-12-25 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-26 90112]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-08-23 110592]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2010-08-26 225280]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2010-08-29 53248]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2010-08-29 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-25 16855552]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-10-11 1826816]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2010-08-29 851968]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"ACU"=C:\Program Files\Atheros\ACU.exe [2006-11-17 348249]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2006-02-22 344064]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"Startup Cleaner"=C:\Program Files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe [2006-07-14 118784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"O2"=C:\Program Files\O2\bin\sprtcmd.exe [2009-03-04 202016]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-12-02 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"O2DA"=C:\Program Files\O2 Assistant\bin\sprtcmd.exe [2010-04-23 206120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-08-27 247144]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]
"AdobeBridge"= []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-05 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Opera 10 Beta\opera.exe"="C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"C:\Program Files\O2\agent\bin\bcont.exe"="C:\Program Files\O2\agent\bin\bcont.exe:*:Enabled:bcont.exe"
"C:\Program Files\O2\bin\wificfg.exe"="C:\Program Files\O2\bin\wificfg.exe:*:Enabled:sprtcmd.exe"
"C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe"="C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe:*:Enabled:ssrc.exe"
"C:\Program Files\O2\agent\bin\bcont_nm.exe"="C:\Program Files\O2\agent\bin\bcont_nm.exe:*:Enabled:bcont_nm.exe"
"C:\Documents and Settings\Michal Brož\Plocha\utorrent-lite\utorrent.exe"="C:\Documents and Settings\Michal Brož\Plocha\utorrent-lite\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Michal Brož\Plocha\utorrent.exe"="C:\Documents and Settings\Michal Brož\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-02-03 00:43:00 ----ASH---- C:\hiberfil.sys
2011-02-03 00:35:01 ----D---- C:\WINDOWS\CSC
2011-02-03 00:32:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-02 22:51:58 ----A---- C:\WINDOWS\ntbtlog.txt
2011-02-02 22:45:16 ----ASH---- C:\pagefile.sys
2011-02-02 21:59:14 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\Spyware Terminator
2011-02-02 21:56:36 ----D---- C:\Program Files\Spyware Terminator
2011-02-01 14:42:56 ----D---- C:\Program Files\O2 Assistant
2011-01-27 18:35:03 ----D---- C:\Ubisoft
2011-01-08 22:02:41 ----D---- C:\Program Files\Ubisoft
2011-01-07 15:22:27 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem #2.txt
2011-01-07 15:20:12 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\Tatara Systems
2011-01-07 15:19:23 ----A---- C:\WINDOWS\system32\drivers\ZTEusbnet.sys
2011-01-07 15:19:23 ----A---- C:\WINDOWS\system32\drivers\ZTEusbccid.sys
2011-01-07 15:19:17 ----D---- C:\WINDOWS\massfilter
2011-01-07 15:18:59 ----D---- C:\Program Files\O2CM-CE
2011-01-07 15:18:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\O2CM-CE

======List of files/folders modified in the last 1 months======

2011-02-03 00:47:19 ----D---- C:\Program Files\Trend Micro
2011-02-03 00:46:31 ----D---- C:\WINDOWS\temp
2011-02-03 00:44:48 ----D---- C:\WINDOWS\Prefetch
2011-02-03 00:42:13 ----D---- C:\WINDOWS\system32\config
2011-02-03 00:41:51 ----D---- C:\WINDOWS\system32\wbem
2011-02-03 00:41:50 ----D---- C:\WINDOWS\Registration
2011-02-03 00:41:36 ----HD---- C:\WINDOWS\inf
2011-02-03 00:41:21 ----D---- C:\WINDOWS
2011-02-03 00:37:16 ----D---- C:\WINDOWS\network diagnostic
2011-02-03 00:32:20 ----D---- C:\Qoobox
2011-02-02 23:03:41 ----D---- C:\WINDOWS\system32\drivers
2011-02-02 22:22:34 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\PriceGong
2011-02-02 21:56:36 ----D---- C:\Program Files
2011-02-01 14:44:07 ----SHD---- C:\WINDOWS\Installer
2011-02-01 14:43:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\SupportSoft
2011-02-01 14:31:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-01 04:34:56 ----D---- C:\Program Files\Opera 10 Beta
2011-01-28 21:29:12 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\uTorrent
2011-01-28 16:52:32 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-27 23:35:19 ----SD---- C:\WINDOWS\Tasks
2011-01-27 20:50:24 ----D---- C:\WINDOWS\Minidump
2011-01-26 19:57:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Birdstep Technology
2011-01-25 22:42:45 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
2011-01-23 18:03:07 ----D---- C:\Documents and Settings
2011-01-23 15:37:31 ----A---- C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt
2011-01-18 20:49:39 ----A---- C:\WINDOWS\wincmd.ini
2011-01-08 22:11:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2011-01-08 22:09:17 ----D---- C:\WINDOWS\system32\DirectX
2011-01-08 22:08:45 ----RSD---- C:\WINDOWS\assembly
2011-01-08 22:02:40 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-07 15:38:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-07 15:37:25 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\Adobe
2011-01-04 21:19:43 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\Skype
2011-01-04 21:07:49 ----D---- C:\Documents and Settings\Michal Brož\Data aplikací\skypePM
2011-01-04 11:06:44 ----D---- C:\WINDOWS\system32
2011-01-04 11:06:41 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2007-10-12 9096]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-07 43528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-06 715248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 atitray;atitray; \??\C:\Program Files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys []
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-02-06 56280]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-01-21 281504]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-01-21 25888]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-12-05 529344]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-05 2782208]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-01 4620288]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-05-25 1743232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2006-07-20 54432]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S3 apw82x4v;apw82x4v; C:\WINDOWS\system32\drivers\apw82x4v.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\MICHAL~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2009-02-17 57672]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2009-02-17 72520]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2009-04-27 9728]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2009-07-21 105088]
S3 ZTEusbnet;ZTE USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ZTEusbnet.sys [2009-07-21 114688]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2009-07-21 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2009-07-21 105088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2006-11-17 360533]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-05 495616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-01-24 73728]
R2 sprtsvc_O2;SupportSoft Sprocket Service (O2); C:\Program Files\O2\bin\sprtsvc.exe [2009-03-04 202016]
R2 tgsrvc_O2DA;SupportSoft Repair Service (O2DA); C:\Program Files\O2 Assistant\bin\tgsrvc.exe [2010-04-23 185640]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-05-10 110592]
R2 WDFME;WD File Management Engine; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-05-10 1858048]
R2 WDSC;WD File Management Shadow Engine; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-05-10 482304]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-09-28 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2010-08-26 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-08-29 615936]
S3 sprtsvc_O2DA;SupportSoft Sprocket Service (O2DA); C:\Program Files\O2 Assistant\bin\sprtsvc.exe [2010-04-23 206120]
S3 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe [2010-04-23 383408]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 09:45
by vyosek
Hello, and I wish you a nice day :)

:arrow: Please also post the second RSIT log, named info.txt; it is saved in c:\rsit

:arrow: What did you try with ComboFix :?: Please zip the folder c:\qoobox and upload it to my uploader at http://vyosek.ic.cz/havet/uploader.php

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 14:20
by Majkl55
I know :roll:

here I'm sending that info:
info.txt logfile of random's system information tool 1.08 2010-08-28 15:52:23

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent CZ 1.7.7 (build 8179)-->"C:\Program Files\uTorrent\unins000.exe"
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81200000003}
Aktualizace systému Windows Internet Explorer 8 (KB975364)-->"C:\WINDOWS\ie8updates\KB975364-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)-->"C:\WINDOWS\ie8updates\KB974455-IE8\spuninst\spuninst.exe"
Ashampoo Burning Studio 6 FREE-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Splendid Video Enhancement Technology-->C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\setup.exe -runfromtemp -l0x0009 -removeonly
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver (Omega 3.8.442)-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0005 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\Setup.exe" -l0x9
ATK0100 ACPI UTILITY-->C:\WINDOWS\ATK0100\XPunin.exe
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/21/2009 2.04.18)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\rt-usb_F845A6FBA6E7BAF10344406742353662EE7E9156\rt-usb.inf
Bluetooth Stack for Windows-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42EDF895-158C-484E-A7F2-42B90759F281}\SETUP.EXE" -l0x9 UNINST
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CM DiskCleaner -->C:\WINDOWS\iun6002.exe "C:\Program Files\CM Data Software\CM DiskCleaner\irunin.ini"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Dual-Core Optimizer-->MsiExec.exe /X{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}
Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}
Grand Theft Auto Vice City-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\Setup.exe" -l0x9
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\RŮZNÉ\Software\Programy\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
J2SE Runtime Environment 5.0 Update 9-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
LightScribe System Software 1.12.29.2-->MsiExec.exe /X{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.0-->C:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0\setup.exe
Microsoft .NET Framework 3.0-->MsiExec.exe /X{70EE1152-62EC-4618-8CEF-3CC0F82E16F6}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}
MultiRes (remove only)-->C:\Program Files\MultiRes\uninstal.exe
MV2Player (remove only)-->C:\Program Files\Mv2Player\uninst.exe
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
NVIDIA GAME System Software 2.8.1-->MsiExec.exe /I{4F0C7CCF-5666-474B-B02E-AC514A95EC93}
Opera 10.61-->MsiExec.exe /X{70858C67-8761-4444-895A-0A8B2E9E144E}
PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298}
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Power4 Gear-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4462AD13-F2AA-4CBD-9F95-293C38EED870}\Setup.exe" -l0x9
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe" -l0x5 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Smart Defrag 1.20-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TomTom HOME 2.7.2.1825-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
USB 2.0 1.3M UVC WebCam-->C:\WINDOWS\snuninst.exe /name='USB 2.0 1.3M UVC WebCam'
VLC media player 1.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
vShare Plugin-->C:\Program Files\vShare\UNINSTALL.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Communication Foundation-->MsiExec.exe /X{33246AD5-4405-46BE-9A4F-2CC4AE0E05B4}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Wireless Console 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe" -l0x9 -removeonly
WPF v3.0.6605.0-->MsiExec.exe /X{B28C9B85-0407-4BB9-9CDA-C32E60D2BA65}
XML Paper Specification Shared Components Pack 1.0-->"C:\WINDOWS\$NtUninstallXpsEPSC$\spuninst\spuninst.exe"
Xvid CZ 1.01-->"C:\Program Files\Xvid CZ\unins000.exe"

======Security center information======

AV: ESET Smart Security 4.0
FW: ESET Personal firewall

======System event log======

Computer Name: MAJKL
Event Code: 7036
Message: Stav služby Adaptér výkonu služby WMI byl změněn na: Spuštěno

Record Number: 29253
Source Name: Service Control Manager
Time Written: 20100711152541.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Adaptér výkonu služby WMI úspěšně odeslán.

Record Number: 29252
Source Name: Service Control Manager
Time Written: 20100711152541.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MAJKL
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno

Record Number: 29251
Source Name: Service Control Manager
Time Written: 20100711152537.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 7036
Message: Stav služby Služba brány aplikačního rozhraní byl změněn na: Spuštěno

Record Number: 29250
Source Name: Service Control Manager
Time Written: 20100711152531.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba brány aplikačního rozhraní úspěšně odeslán.

Record Number: 29249
Source Name: Service Control Manager
Time Written: 20100711152530.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: MAJKL
Event Code: 100
Message: wuauclt (2528) Databázový stroj 5.01.2600.5512 byl spuštěn.

Record Number: 887
Source Name: ESENT
Time Written: 20090829100944.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 0
Message:
Record Number: 886
Source Name: ServiceLayer
Time Written: 20090829100908.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 885
Source Name: SecurityCenter
Time Written: 20090829100859.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 884
Source Name: LightScribeService
Time Written: 20090829100858.000000+060
Event Type: Informace
User:

Computer Name: MAJKL
Event Code: 105
Message: The service was started.

Record Number: 883
Source Name: ATI Smart
Time Written: 20090829100857.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4802
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 14:35
by vyosek
The Qoobox folder somehow did not arrive at the uploader; zip the whole folder and upload it to LP http://leteckaposta.cz/

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 14:50
by Majkl55

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 14:56
by vyosek
:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Registry::
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "Malwarebytes Anti-Malware (reboot)"=-
    "SunJavaUpdateSched"=-
    "AdobeAAMUpdater-1.0"=-
    "SwitchBoard"=-
    "AdobeCS5ServiceManager"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MSMSGS"=-
    "DAEMON Tools Lite"=-
    "AdobeBridge"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    
    Folder::
    C:\Program Files\uTorrentBar
    
    File::
    C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-MAJKL-Michal Brož.job
    C:\WINDOWS\tasks\SmartDefrag.job
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the image below)
    Image
  • After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 16:19
by Majkl55
So I did what the instructions say, but it reported an error and said that ComboFix is date-limited and its functionality will be restricted. It produced no log, neither before nor after the restart. Should I download the latest version of CF and try again?

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 19:04
by vyosek
:arrow: Yes, throw the old CF in the trash and download a new one from here http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Re: antivir.cz - cannot be closed

Posted: 03 Feb 2011 21:32
by Majkl55
ComboFix 11-01-31.02 - Michal Brož 03.02.2011 20:21:38.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1383 [GMT 0:00]
Spuštěný z: c:\documents and settings\Michal Brož\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Michal Brož\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

FILE ::
"c:\windows\tasks\AdobeAAMUpdater-1.0-MAJKL-Michal Brož.job"
"c:\windows\tasks\SmartDefrag.job"
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\Michal Brož\Data aplikací\PriceGong
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Michal Brož\Data aplikací\PriceGong\Data\z.xml
c:\program files\uTorrentBar
c:\program files\uTorrentBar\GottenAppsContextMenu.xml
c:\program files\uTorrentBar\INSTALL.LOG
c:\program files\uTorrentBar\OtherAppsContextMenu.xml
c:\program files\uTorrentBar\SharedAppsContextMenu.xml
c:\program files\uTorrentBar\tbuTo1.dll
c:\program files\uTorrentBar\tbuTor.dll
c:\program files\uTorrentBar\toolbar.cfg
c:\program files\uTorrentBar\ToolbarContextMenu.xml
c:\program files\uTorrentBar\UNWISE.EXE
c:\program files\uTorrentBar\uTorrentBarToolbarHelper.exe
c:\windows\tasks\SmartDefrag.job

----- BITS: Možné infikované stránky -----

hxxp://sync.mobilebroadband.o2.co.uk:8080
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-03 do 2011-02-03 )))))))))))))))))))))))))))))))
.

2011-02-03 00:41 . 2011-02-03 00:41 -------- d-----w- c:\windows\system32\wbem\Repository
2011-02-02 21:59 . 2011-02-03 00:41 -------- d-----w- c:\documents and settings\Michal Brož\Data aplikací\Spyware Terminator
2011-02-02 21:56 . 2011-02-03 00:41 -------- d-----w- c:\program files\Spyware Terminator
2011-02-01 14:42 . 2011-02-01 14:43 -------- d-----w- c:\program files\O2 Assistant
2011-01-27 18:35 . 2011-01-27 18:35 -------- d-----w- C:\Ubisoft
2011-01-08 22:02 . 2011-01-08 22:02 -------- d-----w- c:\program files\Ubisoft
2011-01-07 15:20 . 2011-01-07 15:20 -------- d-----w- c:\documents and settings\Michal Brož\Data aplikací\Tatara Systems
2011-01-07 15:19 . 2009-07-21 09:15 114688 ----a-w- c:\windows\system32\drivers\ZTEusbnet.sys
2011-01-07 15:19 . 2008-11-06 08:49 13824 ----a-w- c:\windows\system32\drivers\ZTEusbccid.sys
2011-01-07 15:19 . 2011-01-28 16:50 -------- d-----w- c:\windows\massfilter
2011-01-07 15:18 . 2011-01-07 15:18 -------- d-----w- c:\program files\O2CM-CE
2011-01-07 15:18 . 2011-01-07 15:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\O2CM-CE

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-23 20:52 . 2004-08-03 21:14 361344 ----a-w- c:\windows\system32\drivers\tcpip.sys
.

------- Sigcheck -------

[-] 2010-12-23 . 68F06FE0021B01E670AF37B8C5964FDF . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-08-29_01.17.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-07 02:19 . 2007-11-07 02:19 54272 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 62976 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90rus.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 46080 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90kor.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 46592 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90jpn.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 64512 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90ita.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 39936 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90cht.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 38912 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90chs.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 66048 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90fra.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esp.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 65024 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90esn.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 56832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90enu.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 66560 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_b0db7d03\mfc90deu.dll
+ 2009-06-26 19:10 . 2009-06-26 19:10 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfcm90u.dll
+ 2009-06-26 19:10 . 2009-06-26 19:10 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfcm90.dll
+ 2008-07-29 06:07 . 2008-07-29 06:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90u.dll
+ 2008-07-29 06:07 . 2008-07-29 06:07 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfcm90.dll
- 2009-07-09 18:24 . 2009-01-07 18:20 26144 c:\windows\system32\spupdsvc.exe
+ 2009-07-09 18:24 . 2008-11-07 17:55 26144 c:\windows\system32\spupdsvc.exe
+ 2010-08-31 15:04 . 2008-11-07 17:55 16928 c:\windows\system32\spmsgXP_2k3.dll
+ 2001-10-25 14:00 . 2010-11-01 21:31 67960 c:\windows\system32\perfc009.dat
- 2001-10-25 14:00 . 2010-04-02 17:27 67960 c:\windows\system32\perfc009.dat
+ 2001-10-25 14:00 . 2010-11-01 21:31 78560 c:\windows\system32\perfc005.dat
- 2001-10-25 14:00 . 2010-04-02 17:27 78560 c:\windows\system32\perfc005.dat
+ 2010-09-29 16:16 . 2009-02-13 11:02 14464 c:\windows\system32\DRVSTORE\wdcsam_FBC55413B10A1CDD378E9E9377B4222CCA25AB1B\wdcsam64.sys
+ 2010-09-29 16:16 . 2009-02-13 11:02 11520 c:\windows\system32\DRVSTORE\wdcsam_FBC55413B10A1CDD378E9E9377B4222CCA25AB1B\wdcsam.sys
+ 2009-07-14 09:35 . 2009-07-14 09:35 37608 c:\windows\system32\drivers\wdfldr.sys
+ 2010-09-29 16:16 . 2009-02-13 11:02 11520 c:\windows\system32\drivers\wdcsam.sys
+ 2010-08-22 10:11 . 2010-02-26 13:32 18176 c:\windows\system32\drivers\ccdcmb.sys
+ 2009-07-09 18:57 . 2007-06-29 13:47 34304 c:\windows\system32\drivers\AmdLLD.sys
+ 2010-08-30 15:35 . 2005-07-14 11:31 27648 c:\windows\system32\AVSredirect.dll
+ 2011-01-07 15:19 . 2009-09-02 13:43 60752 c:\windows\massfilter\USBDriverInstaller_x86.exe
+ 2011-01-07 15:19 . 2009-09-02 12:16 88400 c:\windows\massfilter\USBDriverInstaller_x64.exe
+ 2011-01-07 15:19 . 2008-11-06 08:49 20992 c:\windows\massfilter\Drivers\64bit\WNET\ZTEusbccid.sys
+ 2011-01-07 15:19 . 2009-04-27 14:01 12800 c:\windows\massfilter\Drivers\64bit\WNET\massfilter.sys
+ 2011-01-07 15:19 . 2008-11-06 08:49 20992 c:\windows\massfilter\Drivers\64bit\WIN7\ZTEusbccid.sys
+ 2011-01-07 15:19 . 2009-04-27 14:15 11776 c:\windows\massfilter\Drivers\64bit\WIN7\massfilter.sys
+ 2011-01-07 15:19 . 2008-11-06 08:49 20992 c:\windows\massfilter\Drivers\64bit\VISTA\ZTEusbccid.sys
+ 2011-01-07 15:19 . 2009-04-27 14:15 11776 c:\windows\massfilter\Drivers\64bit\VISTA\massfilter.sys
+ 2011-01-07 15:19 . 2008-11-06 08:49 13824 c:\windows\massfilter\Drivers\32bit\WNET\ZTEusbccid.sys
+ 2011-01-07 15:19 . 2008-11-06 08:49 13824 c:\windows\massfilter\Drivers\32bit\WIN7\ZTEusbccid.sys
+ 2011-01-07 15:19 . 2008-11-06 08:49 13824 c:\windows\massfilter\Drivers\32bit\VISTA\ZTEusbccid.sys
+ 2010-12-02 19:09 . 2010-12-02 19:09 22016 c:\windows\Installer\1a8994a.msi
+ 2010-12-02 19:07 . 2010-12-02 19:07 22528 c:\windows\Installer\1a8993c.msi
+ 2010-12-02 19:07 . 2010-12-02 19:07 27648 c:\windows\Installer\1a89935.msi
+ 2010-12-02 19:05 . 2010-12-02 19:05 10134 c:\windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe
+ 2010-12-02 19:05 . 2010-12-02 19:05 10134 c:\windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe
+ 2010-10-06 20:00 . 2010-10-06 20:00 10134 c:\windows\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
+ 2010-12-02 19:04 . 2010-12-02 19:04 10134 c:\windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-08-15 15:55 . 2010-12-10 17:06 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
- 2010-08-15 15:55 . 2010-08-15 15:55 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-12-02 19:05 . 2010-12-02 19:05 10134 c:\windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe
+ 2010-12-02 19:09 . 2010-12-02 19:09 10134 c:\windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe
+ 2010-12-02 19:04 . 2010-12-02 19:04 10134 c:\windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe
+ 2010-12-02 19:05 . 2010-12-02 19:05 10134 c:\windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe
- 2010-05-05 16:01 . 2010-05-05 16:01 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 12800 c:\windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 53248 c:\windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2010-08-31 15:04 . 2009-07-13 15:49 47104 c:\windows\$NtUninstallWdf01009$\spuninst\KmdfCustom.dll
+ 2010-11-10 18:23 . 2009-04-27 14:00 9728 c:\windows\system32\drivers\massfilter.sys
+ 2011-01-07 15:19 . 2009-04-27 14:00 9728 c:\windows\massfilter\Drivers\32bit\WNET\massfilter.sys
+ 2011-01-07 15:19 . 2009-04-27 14:15 9216 c:\windows\massfilter\Drivers\32bit\WIN7\massfilter.sys
+ 2011-01-07 15:19 . 2009-04-27 14:15 9216 c:\windows\massfilter\Drivers\32bit\VISTA\massfilter.sys
+ 2009-06-26 19:07 . 2009-06-26 19:07 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcr90.dll
+ 2009-06-26 19:07 . 2009-06-26 19:07 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcp90.dll
+ 2009-06-26 19:10 . 2009-06-26 19:10 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_d494ac0e\msvcm90.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcr90.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 572928 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcp90.dll
+ 2008-07-29 03:54 . 2008-07-29 03:54 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\msvcm90.dll
+ 2009-06-26 19:07 . 2009-06-26 19:07 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_35349982\atl90.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 161784 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_d01483b2\atl90.dll
+ 2011-02-03 00:41 . 2011-02-03 00:42 483948 c:\windows\system32\Restore\rstrlog.dat
+ 2010-01-19 11:49 . 2010-01-19 11:49 466944 c:\windows\system32\RemoveDevice.dll
+ 2001-10-25 14:00 . 2010-11-01 21:31 433196 c:\windows\system32\perfh009.dat
- 2001-10-25 14:00 . 2010-04-02 17:27 433196 c:\windows\system32\perfh009.dat
+ 2001-10-25 14:00 . 2010-11-01 21:31 429828 c:\windows\system32\perfh005.dat
- 2001-10-25 14:00 . 2010-04-02 17:27 429828 c:\windows\system32\perfh005.dat
+ 2010-08-22 10:11 . 2010-02-26 13:32 662016 c:\windows\system32\nmwcdcocls.dll
+ 2010-03-05 10:13 . 2010-03-05 10:13 947472 c:\windows\system32\msjava.dll
- 2010-06-04 22:05 . 2010-04-12 16:29 153376 c:\windows\system32\javaws.exe
+ 2010-04-12 16:29 . 2010-04-12 16:29 153376 c:\windows\system32\javaws.exe
- 2010-06-04 22:05 . 2010-04-12 16:29 145184 c:\windows\system32\javaw.exe
+ 2010-04-12 16:29 . 2010-04-12 16:29 145184 c:\windows\system32\javaw.exe
- 2010-06-04 22:05 . 2010-04-12 16:29 145184 c:\windows\system32\java.exe
+ 2010-04-12 16:29 . 2010-04-12 16:29 145184 c:\windows\system32\java.exe
+ 2010-11-10 18:23 . 2009-07-21 14:02 105088 c:\windows\system32\drivers\ZTEusbser6k.sys
+ 2010-11-10 18:23 . 2009-07-21 14:02 105088 c:\windows\system32\drivers\ZTEusbnmea.sys
+ 2010-11-10 18:23 . 2009-07-21 14:02 105088 c:\windows\system32\drivers\ZTEusbmdm6k.sys
+ 2009-07-14 09:35 . 2009-07-14 09:35 444136 c:\windows\system32\drivers\wdf01000.sys
+ 2009-07-10 09:04 . 2010-10-06 19:44 715248 c:\windows\system32\drivers\sptd.sys
+ 2010-10-01 15:23 . 1999-01-20 04:01 210032 c:\windows\system32\DBCLIENT.DLL
+ 2011-01-07 15:19 . 2009-09-02 13:52 289616 c:\windows\massfilter\ejectdisk.exe
+ 2011-01-07 15:19 . 2009-07-21 14:03 119808 c:\windows\massfilter\Drivers\64bit\WNET\ZTEusbser6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:03 119808 c:\windows\massfilter\Drivers\64bit\WNET\ZTEusbnmea.sys
+ 2011-01-07 15:19 . 2009-07-21 09:16 135168 c:\windows\massfilter\Drivers\64bit\WNET\ZTEusbnet.sys
+ 2011-01-07 15:19 . 2009-07-21 14:03 119808 c:\windows\massfilter\Drivers\64bit\WNET\ZTEusbmdm6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:05 119680 c:\windows\massfilter\Drivers\64bit\WIN7\ZTEusbser6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:05 119680 c:\windows\massfilter\Drivers\64bit\WIN7\ZTEusbnmea.sys
+ 2011-01-07 15:19 . 2009-07-21 09:17 135168 c:\windows\massfilter\Drivers\64bit\WIN7\ZTEusbnet.sys
+ 2011-01-07 15:19 . 2009-07-21 14:05 119680 c:\windows\massfilter\Drivers\64bit\WIN7\ZTEusbmdm6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:05 119680 c:\windows\massfilter\Drivers\64bit\VISTA\ZTEusbser6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:05 119680 c:\windows\massfilter\Drivers\64bit\VISTA\ZTEusbnmea.sys
+ 2011-01-07 15:19 . 2009-07-21 09:17 135168 c:\windows\massfilter\Drivers\64bit\VISTA\ZTEusbnet.sys
+ 2011-01-07 15:19 . 2009-07-21 14:05 119680 c:\windows\massfilter\Drivers\64bit\VISTA\ZTEusbmdm6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:02 105088 c:\windows\massfilter\Drivers\32bit\WNET\ZTEusbser6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:02 105088 c:\windows\massfilter\Drivers\32bit\WNET\ZTEusbnmea.sys
+ 2011-01-07 15:19 . 2009-07-21 09:15 114688 c:\windows\massfilter\Drivers\32bit\WNET\ZTEusbnet.sys
+ 2011-01-07 15:19 . 2009-07-21 14:02 105088 c:\windows\massfilter\Drivers\32bit\WNET\ZTEusbmdm6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:04 105088 c:\windows\massfilter\Drivers\32bit\WIN7\ZTEusbser6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:04 105088 c:\windows\massfilter\Drivers\32bit\WIN7\ZTEusbnmea.sys
+ 2011-01-07 15:19 . 2009-07-21 09:16 114688 c:\windows\massfilter\Drivers\32bit\WIN7\ZTEusbnet.sys
+ 2011-01-07 15:19 . 2009-07-21 14:04 105088 c:\windows\massfilter\Drivers\32bit\WIN7\ZTEusbmdm6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:04 105088 c:\windows\massfilter\Drivers\32bit\VISTA\ZTEusbser6k.sys
+ 2011-01-07 15:19 . 2009-07-21 14:04 105088 c:\windows\massfilter\Drivers\32bit\VISTA\ZTEusbnmea.sys
+ 2011-01-07 15:19 . 2009-07-21 09:16 114688 c:\windows\massfilter\Drivers\32bit\VISTA\ZTEusbnet.sys
+ 2011-01-07 15:19 . 2009-07-21 14:04 105088 c:\windows\massfilter\Drivers\32bit\VISTA\ZTEusbmdm6k.sys
+ 2010-10-06 20:00 . 2010-10-06 20:00 982528 c:\windows\Installer\d4d7f.msi
+ 2010-11-17 21:29 . 2010-11-17 21:29 409088 c:\windows\Installer\4c3893.msi
+ 2010-11-10 18:23 . 2010-11-10 18:23 228352 c:\windows\Installer\3bb925.msi
+ 2010-09-16 17:18 . 2010-09-16 17:18 836096 c:\windows\Installer\36a3dd.msi
+ 2010-12-02 19:09 . 2010-12-02 19:09 356352 c:\windows\Installer\1a89943.msi
+ 2010-12-02 19:05 . 2010-12-02 19:05 316928 c:\windows\Installer\1a8992e.msi
+ 2010-12-02 19:05 . 2010-12-02 19:05 315392 c:\windows\Installer\1a89927.msi
+ 2010-12-02 19:05 . 2010-12-02 19:05 356864 c:\windows\Installer\1a89920.msi
+ 2010-12-02 19:05 . 2010-12-02 19:05 359424 c:\windows\Installer\1a89919.msi
+ 2010-12-02 19:04 . 2010-12-02 19:04 316416 c:\windows\Installer\1a89912.msi
+ 2010-12-02 19:04 . 2010-12-02 19:04 356352 c:\windows\Installer\1a8990b.msi
+ 2010-10-06 10:11 . 2010-10-06 10:11 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
- 2010-06-07 17:11 . 2010-06-07 17:11 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-11-07 23:13 . 2010-11-07 23:13 196608 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\Shortcut_SETTINGS__E16DFE45D7AC4FBF87BBB412D05EFC15.exe
+ 2010-11-07 23:13 . 2010-11-07 23:13 204800 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\Shortcut_PES2011_E_19E2C126E9A346458082E1106EC36033.exe
+ 2010-11-07 23:13 . 2010-11-07 23:13 204800 c:\windows\Installer\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}\ARPPRODUCTICON.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2010-09-29 16:17 . 2010-09-29 16:17 271542 c:\windows\Installer\{2AA48AFA-79CA-4043-BFFC-BB5BA23A9FCF}\controlPanelIcon.exe
- 2010-05-05 16:01 . 2010-05-05 16:01 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 223232 c:\windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 178176 c:\windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 364544 c:\windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 159232 c:\windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 145920 c:\windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 578560 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 577536 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 577024 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 576000 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 567296 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 563712 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:01 . 2010-05-05 16:01 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 473600 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2010-08-31 15:04 . 2008-11-07 17:55 382496 c:\windows\$NtUninstallWdf01009$\spuninst\updspapi.dll
+ 2010-08-31 15:04 . 2008-11-07 17:55 231456 c:\windows\$NtUninstallWdf01009$\spuninst\spuninst.exe
+ 2009-06-26 19:07 . 2009-06-26 19:07 3780416 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90u.dll
+ 2009-06-26 19:07 . 2009-06-26 19:07 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4137_x-ww_a57b1f13\mfc90.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 3783672 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90u.dll
+ 2008-07-29 08:05 . 2008-07-29 08:05 3768312 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_405b0943\mfc90.dll
+ 2010-08-22 10:11 . 2010-02-26 13:19 1461992 c:\windows\system32\wdfcoinstaller01009.dll
+ 2009-07-09 19:14 . 2010-12-03 18:38 3500368 c:\windows\system32\FNTCACHE.DAT
+ 2010-10-06 20:02 . 2010-10-06 20:02 1604096 c:\windows\Installer\d4daa.msi
+ 2010-09-29 16:17 . 2010-09-29 16:17 1560064 c:\windows\Installer\905f31.msi
+ 2010-10-06 10:11 . 2010-10-06 10:11 1575936 c:\windows\Installer\5a7e8.msi
+ 2010-11-17 21:31 . 2010-11-17 21:31 1315840 c:\windows\Installer\4c389b.msi
+ 2011-02-01 14:43 . 2011-02-01 14:43 3878912 c:\windows\Installer\22e535.msi
+ 2010-11-07 23:13 . 2010-11-07 23:13 2054656 c:\windows\Installer\2106aa.msi
+ 2010-12-02 19:10 . 2010-12-02 19:10 2096128 c:\windows\Installer\1a89951.msi
- 2009-07-10 09:55 . 2009-09-17 15:23 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-07-10 09:55 . 2010-12-27 00:12 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2009-07-10 09:55 . 2009-09-17 15:23 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2011-01-08 22:08 . 2011-01-08 22:08 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:00 . 2010-05-05 16:00 2846720 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2011-01-08 22:08 . 2011-01-08 22:08 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
- 2010-05-05 16:00 . 2010-05-05 16:00 2676224 c:\windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2010-12-10 17:06 . 2010-12-10 17:06 20303872 c:\windows\Installer\17ae626.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-25 11:14 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngin0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngin0.dll" [2010-12-25 3911776]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-26 90112]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-08-23 110592]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2010-08-26 225280]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2010-08-29 53248]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2010-08-29 90112]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"SkyTel"="SkyTel.EXE" [2007-10-11 1826816]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2010-08-29 851968]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"ACU"="c:\program files\Atheros\ACU.exe" [2006-11-17 348249]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"Startup Cleaner"="c:\program files\CM Data Software\CM DiskCleaner\Startup Cleaner.exe" [2006-07-14 118784]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"O2DA"="c:\program files\O2 Assistant\bin\sprtcmd.exe" [2010-04-23 206120]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2006-5-24 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Opera 10 Beta\\opera.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2011\\pes2011.exe"=
"c:\\Program Files\\O2\\agent\\bin\\bcont.exe"=
"c:\\Program Files\\O2\\bin\\wificfg.exe"=
"c:\\Program Files\\Common Files\\SupportSoft\\bin\\ssrc.exe"=
"c:\\Program Files\\O2\\agent\\bin\\bcont_nm.exe"=
"c:\\Documents and Settings\\Michal Brož\\Plocha\\utorrent.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 atitray;atitray;c:\program files\Radeon Omega Drivers\v4.8.442\ATI Tray Tools\atitray.sys [9.7.2009 19:03 17952]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 12:23 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [6.2.2009 12:23 727720]
R2 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files\O2\bin\sprtsvc.exe [4.3.2009 15:52 202016]
R2 tgsrvc_O2DA;SupportSoft Repair Service (O2DA);c:\program files\O2 Assistant\bin\tgsrvc.exe [23.4.2010 15:04 185640]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10.5.2010 10:33 110592]
R2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [10.5.2010 10:32 1858048]
R2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [10.5.2010 10:32 482304]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [10.11.2010 18:23 9728]
S3 sprtsvc_O2DA;SupportSoft Sprocket Service (O2DA);c:\program files\O2 Assistant\bin\sprtsvc.exe [23.4.2010 15:04 206120]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [29.9.2010 16:16 11520]
S3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\drivers\ZTEusbnet.sys [7.1.2011 15:19 114688]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.7.2009 9:04 715248]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-01-24 10:30 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-02-01 c:\windows\Tasks\AdobeAAMUpdater-1.0-MAJKL-Michal Brož.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-12-02 19:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = hxxp://ati.amd.com/online/cccwelcome/registration.asp?id=1
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: o2.co.uk\*.broadband
FF - ProfilePath - c:\documents and settings\Michal Brož\Data aplikací\Mozilla\Firefox\Profiles\m41bv6yl.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Katalog DVD_is1 - g:\wd my passport essentials\Program files\Katalog DVD\unins000.exe
AddRemove-uTorrentBar Toolbar - c:\progra~1\UTORRE~1\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-03 20:26
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1214440339-1844237615-839522115-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1214440339-1844237615-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:45,4e,90,71,02,58,14,ca,51,85,9f,68,d3,90,1d,e7,0f,c6,2b,bc,47,
bc,1b,64,86,ff,f6,51,63,b7,73,4f,42,bd,50,5b,c9,a1,ff,27,04,09,a2,7c,82,09,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1372)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3740)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\ACEngSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\ATK0100\ATKOSD.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
.
**************************************************************************
.
Celkový čas: 2011-02-03 20:30:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-03 20:30
ComboFix2.txt 2010-08-29 01:19

Před spuštěním: Volných bajtů: 24 174 981 120
Po spuštění: Volných bajtů: 24 371 904 512

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 3F8FA68AF4FDEE1700C5F340BE56BE2C

Re: antivir.cz - cannot be closed

Posted: 04 Feb 2011 06:49
by vyosek
How is the PC behaving? :???:

Re: antivir.cz - cannot be closed

Posted: 04 Feb 2011 13:02
by Majkl55
So far no problems, so hopefully everything is fine. If there is a problem, I will ask viry.cz for help again :)
Thanks a lot for the help, solved as always.
Have a nice day and thanks once again.

Re: antivir.cz - cannot be closed

Posted: 04 Feb 2011 14:06
by vyosek
Let's clean up as well :James008:

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • Click Scan for Issues
  • Then click Fix Issues - I recommend making a registry backup; fix all the issues
  • Repeat the process until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once every 14 days

:arrow: And if there are no problems or questions, that is all from my side :turned: