VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=109996

Stránka 1 z 2

prosim o kontrolu

Napsal: 04 bře 2011 15:14
od lubkomir
mam starsi notebook a v poslednom case zacal akosi blbnut. Zacalo to hodinami napr. pride na 17: 59 a nasledne skoci na 17:00 ... a teraz zacina nejak spomalovat a mrznut.
Dakujem za odpoved

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lubo at 2011-03-01 17:34:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (30%) free of 20 GB
Total RAM: 502 MB (4% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-05-20 736360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}]
BrowserHelper Class - C:\Program Files\SGPSA\SearchAssistant.dll [2009-10-15 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-02 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll [2011-01-28 726016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{af83e43c-dd2b-4787-826b-31b17dee52ed} - QT Breadcrumbs Address Bar - C:\WINDOWS\system32\mscoree.dll [2008-07-25 282112]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - Fast Browser Search Toolbar - C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll []
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YouTube Downloader Toolbar - C:\Program Files\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll [2011-01-28 726016]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"VisualTaskTips"=C:\Program Files\VisualTaskTips\VisualTaskTips.exe [2008-08-15 65536]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"ViOrb"=C:\Program Files\extra\ViOrb\ViOrb.exe [2008-06-15 167936]
"True transparacy"=C:\Program Files\extra\True Transparency\TrueTransparency.exe [2008-06-24 372224]
"TransBar"=C:\Program Files\extra\TransBar\TransBar.exe [2005-06-01 93696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-07-01 1447168]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-04-14 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-04-14 602182]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2006-04-14 569413]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2006-04-19 65536]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2005-03-16 204800]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2006-04-20 86016]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-07-19 94208]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-07-19 114688]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-01-28 526336]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-08-15 40960]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detection]
C:\Program Files\HappyFoto\HF Designer\dd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-08-23 98304]

C:\Documents and Settings\Lubo\Nabídka Start\Programy\Po spuštění
PMB Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-07-19 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-07-28 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Common Files\aol\ACS\AOLacsd.exe"="C:\Program Files\Common Files\aol\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\aol\ACS\AOLDial.exe"="C:\Program Files\Common Files\aol\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"D:\HRY\fm\fm.exe"="D:\HRY\fm\fm.exe:*:Enabled:Football Manager 2009"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Lubo\Dokumenty\Stažené soubory\solutoinstaller.exe"="C:\Documents and Settings\Lubo\Dokumenty\Stažené soubory\solutoinstaller.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Soluto\Soluto.exe"="C:\Program Files\Soluto\Soluto.exe:*:Enabled:Soluto Tray"
"C:\Program Files\Soluto\SolutoService.exe"="C:\Program Files\Soluto\SolutoService.exe:*:Enabled:Soluto Service"
"C:\Program Files\Soluto\SolutoConsole.exe"="C:\Program Files\Soluto\SolutoConsole.exe:*:Enabled:Soluto Console"
"C:\Program Files\Soluto\SolutoUpdateService.exe"="C:\Program Files\Soluto\SolutoUpdateService.exe:*:Enabled:Soluto Update Service"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\aol\ACS\AOLacsd.exe"="C:\Program Files\Common Files\aol\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\aol\ACS\AOLDial.exe"="C:\Program Files\Common Files\aol\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

======List of files/folders created in the last 1 months======

2011-03-01 17:34:32 ----D---- C:\Program Files\trend micro
2011-03-01 17:34:29 ----D---- C:\rsit
2011-02-25 17:09:50 ----A---- C:\WINDOWS\chicksme.ini
2011-02-25 17:09:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\SME Kuramatic
2011-02-25 17:09:45 ----D---- C:\Program Files\SME Kuramatic
2011-02-25 16:41:46 ----D---- C:\Program Files\ICQ6Toolbar
2011-02-25 16:41:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-02-25 16:40:28 ----D---- C:\Documents and Settings\Lubo\Data aplikací\ICQ
2011-02-25 16:40:11 ----D---- C:\Program Files\ICQ7.4
2011-02-22 01:09:39 ----A---- C:\WINDOWS\system32\lsdelete.exe
2011-02-22 00:44:08 ----A---- C:\WINDOWS\system32\drivers\Lbd.sys
2011-02-22 00:44:01 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-02-22 00:38:53 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{3D8A16C3-37D5-4543-A6B3-D545F952AD73}
2011-02-22 00:37:38 ----D---- C:\Program Files\Lavasoft
2011-02-22 00:37:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-02-21 23:50:03 ----A---- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
2011-02-21 23:39:56 ----A---- C:\WINDOWS\system32\drivers\Soluto.sys
2011-02-21 23:39:44 ----D---- C:\Program Files\Soluto
2011-02-21 23:35:35 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-02-21 23:28:34 ----D---- C:\WINDOWS\SxsCaPendDel
2011-02-21 23:18:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Soluto
2011-02-21 16:40:53 ----D---- C:\Program Files\Common Files\Java
2011-02-21 16:39:36 ----A---- C:\WINDOWS\system32\javaws.exe
2011-02-21 16:39:36 ----A---- C:\WINDOWS\system32\javaw.exe
2011-02-21 16:39:35 ----A---- C:\WINDOWS\system32\java.exe
2011-02-15 20:41:37 ----D---- C:\Documents and Settings\Lubo\Data aplikací\YouTube Downloader
2011-02-15 20:27:13 ----D---- C:\Documents and Settings\Lubo\Data aplikací\Search Settings
2011-02-15 20:27:03 ----D---- C:\Program Files\Application Updater
2011-02-15 20:27:02 ----D---- C:\Program Files\YouTube Downloader Toolbar
2011-02-15 20:27:02 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 months======

2011-03-01 17:34:51 ----D---- C:\WINDOWS\Temp
2011-03-01 17:34:32 ----RD---- C:\Program Files
2011-03-01 17:21:41 ----D---- C:\WINDOWS\Prefetch
2011-03-01 17:15:15 ----SD---- C:\WINDOWS\Tasks
2011-03-01 17:14:57 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-01 17:12:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-01 12:34:21 ----SHD---- C:\WINDOWS\Installer
2011-03-01 12:34:18 ----D---- C:\Program Files\VistaExperience.org
2011-03-01 12:31:20 ----HD---- C:\WINDOWS\inf
2011-03-01 12:31:05 ----D---- C:\WINDOWS\system32\drivers
2011-03-01 12:30:15 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-01 12:30:15 ----D---- C:\Documents and Settings\Lubo\Data aplikací\Samsung
2011-03-01 12:25:56 ----RSD---- C:\WINDOWS\Fonts
2011-03-01 12:19:50 ----D---- C:\Program Files\Google
2011-02-25 17:09:50 ----D---- C:\WINDOWS
2011-02-25 13:20:36 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-22 06:44:37 ----D---- C:\Program Files\Search Guard Plus
2011-02-22 01:49:16 ----D---- C:\WINDOWS\Microsoft.NET
2011-02-22 01:09:49 ----RSD---- C:\WINDOWS\assembly
2011-02-22 01:09:28 ----D---- C:\Program Files\Search Guard PlusU
2011-02-22 00:44:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-02-22 00:37:32 ----D---- C:\WINDOWS\WinSxS
2011-02-21 23:55:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-21 23:35:07 ----D---- C:\WINDOWS\system32\XPSViewer
2011-02-21 23:35:06 ----D---- C:\WINDOWS\system32\cs-cz
2011-02-21 23:31:16 ----D---- C:\WINDOWS\system32\en-us
2011-02-21 23:27:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-21 23:25:41 ----D---- C:\Program Files\Internet Explorer
2011-02-21 16:40:53 ----D---- C:\Program Files\Common Files
2011-02-21 16:39:40 ----D---- C:\WINDOWS\system32
2011-02-21 16:39:25 ----D---- C:\Program Files\Java
2011-02-06 21:39:32 ----D---- C:\Documents and Settings\Lubo\Data aplikací\Skype
2011-02-06 20:15:46 ----D---- C:\Documents and Settings\Lubo\Data aplikací\skypePM
2011-02-02 21:40:23 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2011-02-18 64512]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-07-04 44944]
R0 Soluto;Soluto; C:\WINDOWS\system32\DRIVERS\Soluto.sys [2011-02-09 51144]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-08-30 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-24 21275]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-04-14 13568]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-07-01 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-19 1049180]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-08-15 12160]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 a1ugb1y4;a1ugb1y4; C:\WINDOWS\system32\drivers\a1ugb1y4.sys []
S3 AVPsys;AVPsys; \??\C:\WINDOWS\system32\drivers\cdaudio.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-07-28 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-07-14 468224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-04-14 114753]
R2 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-02-18 1405384]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-04-14 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-04-14 540745]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2011-02-09 311328]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-07-01 19200]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-17 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-23 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2011-03-01 17:34:59

======Uninstall list======

-->C:\Program Files\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {3C3813E1-C370-4F32-9639-8B43C7C780CD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {F67648A4-713E-4298-BBAD-A83D8283B0F3}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {2659571A-3405-4486-B7D8-2F125BC0E3B2}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Ad-Aware-->"C:\Documents and Settings\All Users\Data aplikací\{3D8A16C3-37D5-4543-A6B3-D545F952AD73}\Ad-Aware90Install.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Data aplikací\{3D8A16C3-37D5-4543-A6B3-D545F952AD73}\Ad-Aware90Install.exe
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 8.1.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81000000003}
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
ESET Smart Security-->MsiExec.exe /I{667A316D-2841-4A37-8930-D358CCBAE3BA}
Football Manager 2009-->"D:\HRY\fm\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Happy Foto Asistent (Len odstrániť)-->"C:\Program Files\HappyFoto\HfAsistentSlk\uninstall.exe"
HF Designer-->"C:\Program Files\HappyFoto\HF Designer\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.4-->"C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
K-Lite Mega Codec Pack 4.1.4-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager V1.2.9-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x9 -uninst
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Leawo PowerPoint to Video Free version 1.9.0.48-->"C:\Program Files\Leawo\PowerPoint to Video Free\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mEoU-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2007 Recent Documents Gadget-->MsiExec.exe /X{90120000-008A-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.16)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero 8-->MsiExec.exe /X{D6D5CB84-0E6E-4E69-B300-C690B6911029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
Nokia Flashing Cable Driver-->MsiExec.exe /X{A4E0CA0F-1903-440A-9B98-FEA6CB049999}
Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8}
Nokia Maps Updater 1.0.10-->"C:\Program Files\Nokia\Nokia Maps Updater\Uninstall Information\unins000.exe"
Nokia Music-->MsiExec.exe /I{BEC99D86-1D70-4AB8-8D15-E116392F9B7D}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3011-->msiexec /qn /x {4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi One Touch Access-->MsiExec.exe /I{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi Suite-->MsiExec.exe /I{B5264B25-8908-49BB-A708-5A70DFBF8094}
Nokia Ovi System Utilities 6.85.3016-->msiexec /qn /x {FF34EA62-92C1-41E6-BA64-B2B7ECB53737}
Nokia Ovi System Utilities-->MsiExec.exe /X{FF34EA62-92C1-41E6-BA64-B2B7ECB53737}
Nokia Photos-->MsiExec.exe /I{D3656CE3-0F62-447F-AEF3-9BF29B6197D9}
Nokia Software Updater-->MsiExec.exe /X{2FA28330-2028-4033-BD10-425C87EB4D54}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Open Transport Tycoon Deluxe 0.6.3-->D:\HRY\ttd\Uninstal.exe
Oprava Hotfix systému Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
PC Connectivity Solution-->MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
Postranní panel systému Windows-->RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,UnInstall
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x5 REMOVE
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Search Guard Plus (My Tattoons)-->C:\Program Files\Search Guard Plus\uninstalSGP.exe
Search Guard Plus Updater (My Tattoons)-->C:\Program Files\Search Guard PlusU\uninstalSGPU.exe
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Office 2007 (KB947801)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SME Kuramatic 1.4-->"C:\Program Files\SME Kuramatic\unins000.exe"
Software Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Soluto-->MsiExec.exe /X{B594B13B-0395-411D-AE09-C86E7304C749}
Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VisualTaskTips-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\VTaskTip.inf,DefaultUninstall
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
YouTube Downloader 2.6.5-->"C:\Program Files\YouTube Downloader\uninstall.exe"
YouTube Downloader Toolbar v4.3-->MsiExec.exe /X{92881120-6DA5-44A3-8BAB-2429A01D022E}
YoWindow-->"C:\Program Files\YoWindow\uninstall.exe"

======Security center information======

AV: Lavasoft Ad-Watch Live! Anti-Virus
AV: ESET Smart Security 3.0
FW: ESET personal firewall

======System event log======

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 42341
Source Name: Tcpip
Time Written: 20110217213440.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 42340
Source Name: Tcpip
Time Written: 20110217213425.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 42339
Source Name: Tcpip
Time Written: 20110217213410.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 14000
Message: MTP WPD Driver has started successfully.

Record Number: 42338
Source Name: WPDMTPDriver
Time Written: 20110217212325.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 3005
Message: Windows Defender Real-Time Protection agent has taken action to protect this machine from spyware or other potentially unwanted software.

For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=74409

Scan ID: {F80CAF83-5E2C-43E1-83B4-5C9420698ACF}

User: LUBKOMIR\Lubo

Name: Unknown

ID:

Severity: Dosud nezatříděn

Category: Dosud nezatříděn

Alert Type: Neklasifikovaný software

Action: Ignorovat

Record Number: 42337
Source Name: WinDefend
Time Written: 20110217185603.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: LUBKOMIR
Event Code: 2003
Message:
Record Number: 14168
Source Name: EAPOL
Time Written: 20101223082023.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 0
Message:
Record Number: 14167
Source Name: NMIndexingService
Time Written: 20101223082015.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 0
Message:
Record Number: 14166
Source Name: gupdate
Time Written: 20101223082005.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 14165
Source Name: SecurityCenter
Time Written: 20101223081938.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 0
Message:
Record Number: 14164
Source Name: gupdate
Time Written: 20101223081933.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\Nokia\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Alky for Applications\Libraries\;C:\Program Files\Samsung\Samsung PC Studio 3\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Re: prosim o kontrolu

Napsal: 04 bře 2011 22:56
od Roli
Zdravím, přes Start >> Ovládací panely >> Přidat nebo odebrat odinstaluj ICQ6Toolbar

Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

Re: prosim o kontrolu

Napsal: 05 bře 2011 22:29
od lubkomir
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verzia databázy: 5968

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

1. 3. 2011 17:59:51
mbam-log-2011-03-01 (17-59-42).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 196046
Uplynutý čas: 29 min, 9 sek

Infikované služby pamäte: 2
Infikované moduly pamäte: 1
Infikované registračné kľúče: 5
Infikované registračné hodnoty: 6
Infikované položky registračných dát: 1
Infikované priečinky: 0
Infikované súbory: 20

Infikované služby pamäte:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 1036 -> No action taken.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 976 -> No action taken.

Infikované moduly pamäte:
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.

Infikované registračné kľúče:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> No action taken.

Infikované registračné hodnoty:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> No action taken.

Infikované položky registračných dát:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> No action taken.
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.
c:\program files\youtube downloader toolbar\IE\4.3\youtubedownloadertoolbarie.dll (PUP.Dealio) -> No action taken.
c:\nero-8\Keygen\keygen.exe (Trojan.Agent) -> No action taken.
c:\program files\youtube downloader toolbar\widgihelper.exe (PUP.Dealio) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP211\A0075987.rbf (PUP.Dealio) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP217\A0076989.exe (PUP.Fbsearch) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP217\A0076999.exe (PUP.Fbsearch) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP217\A0077005.exe (PUP.Fbsearch) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP226\A0078953.exe (Worm.Koobface) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP226\A0078954.exe (Worm.Koobface) -> No action taken.
c:\system volume information\_restore{05b967c1-5f36-4dc9-b16f-20e87c77ab00}\RP226\A0078955.exe (Worm.Koobface) -> No action taken.
d:\system volume information\_restore{63e01208-e4fd-4967-9334-249e697fad51}\RP20\A0039254.exe (Worm.Magania) -> No action taken.
d:\system volume information\_restore{63e01208-e4fd-4967-9334-249e697fad51}\RP20\A0039304.exe (Worm.Magania) -> No action taken.
d:\system volume information\_restore{63e01208-e4fd-4967-9334-249e697fad51}\RP20\A0039335.exe (Worm.Magania) -> No action taken.
d:\system volume information\_restore{63e01208-e4fd-4967-9334-249e697fad51}\RP20\A0039387.exe (Worm.AutoRun) -> No action taken.
d:\system volume information\_restore{63e01208-e4fd-4967-9334-249e697fad51}\RP20\A0039455.exe (Worm.AutoRun) -> No action taken.
d:\zaloha\nová složka\Crack\keygen\ea games generic multi-keygen (22.03.2008) 168.exe (Trojan.Orsam) -> No action taken.
c:\rest.cmd (Trojan.Agent) -> No action taken.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> No action taken.


p.s. mozes mi este poradit kore programi ktore sa spustaju pri starte mozem vypnut?

Re: prosim o kontrolu

Napsal: 05 bře 2011 22:39
od Roli
Ty zbytečné programy po Startu ještě pořešíme nejdříve odstraníme ty šmejdy, jen mi to pak připomeň.

To co Mbam našel nech smazat.


Šmejdy v System Volume Information odstraníš podle TOHOTO návodu.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

Re: prosim o kontrolu

Napsal: 06 bře 2011 10:54
od lubkomir
ComboFix 11-03-05.01 - Lubo . 03. 2011 17:33:05.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.502.146 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lubo\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Default User\xmlUpdater.exe
c:\documents and settings\Lubo\xmlUpdater.exe
C:\mtwb.dat
c:\program files\Search Guard Plus
c:\program files\Search Guard Plus\fbsProtection.xml
c:\program files\Search Guard Plus\fbsSearchProvider.xml
c:\program files\Search Guard Plus\FbsSearchProviderIE8.exe
c:\program files\Search Guard Plus\SearchGuardPlus.ico
c:\program files\Search Guard Plus\uninstalSGP.exe
c:\program files\Search Guard PlusU
c:\program files\Search Guard PlusU\SGPU.ico
c:\program files\Search Guard PlusU\sgpUpdater.exe
c:\program files\Search Guard PlusU\sgpUpdater.xml
c:\program files\Search Guard PlusU\uninstalSGPU.exe
c:\program files\SGPSA
c:\program files\SGPSA\BHO.dll
c:\program files\SGPSA\SearchAssistant.dll
c:\program files\YouTube Downloader Toolbar\IE\4.3\yoUTubedownloadertoolbarie.dll
c:\windows\system32\config\systemprofile\xmlUpdater.exe
D:\install.exe
.
c:\windows\regedit.exe . . . je infikován!!
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
-------\Service_AVPsys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-01 do 2011-03-01 )))))))))))))))))))))))))))))))
.
.
2011-03-01 17:10 . 2011-03-01 17:10 -------- d-----w- c:\program files\CCleaner
2011-03-01 16:34 . 2011-03-01 16:34 -------- d-----w- c:\program files\trend micro
2011-03-01 16:34 . 2011-03-01 16:34 -------- d-----w- C:\rsit
2011-03-01 16:27 . 2011-03-01 16:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-03-01 16:27 . 2011-03-01 16:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-01 16:27 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-01 16:17 . 2011-03-01 16:17 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\MiniDm
2011-02-25 16:09 . 2011-02-25 16:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SME Kuramatic
2011-02-25 16:09 . 2011-02-25 16:09 -------- d-----w- c:\program files\SME Kuramatic
2011-02-25 15:41 . 2011-02-25 15:41 -------- d-----w- c:\program files\ICQ6Toolbar
2011-02-25 15:41 . 2011-02-25 15:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ICQ
2011-02-25 15:40 . 2011-02-26 08:03 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\ICQ
2011-02-25 15:40 . 2011-02-25 16:16 -------- d-----w- c:\program files\ICQ7.4
2011-02-22 00:09 . 2011-02-18 09:50 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-02-22 00:01 . 2011-02-22 00:01 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-02-21 23:44 . 2011-02-18 09:50 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-02-21 23:44 . 2011-02-21 23:44 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-21 23:40 . 2011-02-21 23:40 -------- d-----w- c:\documents and settings\Lubo\Local Settings\Data aplikací\Sunbelt Software
2011-02-21 23:38 . 2011-02-21 23:39 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{3D8A16C3-37D5-4543-A6B3-D545F952AD73}
2011-02-21 23:37 . 2011-02-21 23:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-02-21 23:37 . 2011-02-21 23:37 -------- d-----w- c:\program files\Lavasoft
2011-02-21 22:39 . 2011-02-09 18:10 51144 ----a-w- c:\windows\system32\drivers\Soluto.sys
2011-02-21 22:39 . 2011-02-21 22:39 -------- d-----w- c:\documents and settings\All Users\Soluto
2011-02-21 22:39 . 2011-02-21 22:40 -------- d-----w- c:\program files\Soluto
2011-02-21 22:28 . 2011-03-01 16:11 -------- d-----w- c:\windows\SxsCaPendDel
2011-02-21 22:18 . 2011-02-21 23:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Soluto
2011-02-21 15:40 . 2011-02-21 15:40 -------- d-----w- c:\program files\Common Files\Java
2011-02-15 19:41 . 2011-02-15 19:41 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\YouTube Downloader
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\Search Settings
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\program files\Application Updater
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\program files\Common Files\Spigot
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-02 20:40 . 2010-09-14 19:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2009-08-31 18:24 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
------- Sigcheck -------
.
[-] 2008-08-15 19:42 . A23DF7213FE43F712F27A74DBCA5222B . 1593856 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-08-15 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-08-15 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\19620\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\19646\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2008-08-15 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-08-15 . F0C7CFFD1165068388311C793E32C4CC . 1482240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-07-28 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-08-15 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-07-28 21:27 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
.
[-] 2008-08-15 . FA0FB276ECE342EA4CA6152AAD1DD561 . 2227840 . . [5.1.2600.5512] . . c:\windows\system32\ntkrnlpa.exe
.
[-] 2008-08-15 . 0177C8C4A571846C1FE31019C83E44BA . 2350976 . . [5.1.2600.5512] . . c:\windows\system32\ntoskrnl.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"VisualTaskTips"="c:\program files\VisualTaskTips\VisualTaskTips.exe" [2008-08-15 65536]
"ViOrb"="c:\program files\extra\ViOrb\ViOrb.exe" [2008-06-15 167936]
"True transparacy"="c:\program files\extra\True Transparency\TrueTransparency.exe" [2008-06-24 372224]
"TransBar"="c:\program files\extra\TransBar\TransBar.exe" [2005-06-01 93696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-04-19 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-04-20 86016]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-01-28 526336]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-08-15 40960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-23 124928]
.
c:\documents and settings\Lubo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2010-2-5 333088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
2009-02-26 16:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-08-23 19:25 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\HRY\\fm\\fm.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Lubo\\Dokumenty\\Stažené soubory\\solutoinstaller.exe"=
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17660:TCP"= 17660:TCP:BitComet 17660 TCP
"17660:UDP"= 17660:UDP:BitComet 17660 UDP
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22. 2. 2011 0:44 64512]
R0 Soluto;Soluto;c:\windows\system32\drivers\Soluto.sys [21. 2. 2011 23:39 51144]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30. 8. 2009 11:38 721904]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [28. 1. 2011 17:10 387072]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14. 7. 2008 6:23 468224]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18. 2. 2011 10:50 1405384]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [9. 2. 2011 19:30 311328]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 15:49 13592]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18. 2. 2011 10:50 15232]
S1 mailKmd;mailKmd; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2008-04-23 04:16 124928 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-01 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-02-18 09:50]
.
2011-03-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 14:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = hxxp://dt-updates.com/activate?query=Yq%2f0nIp4fUyC1QVS4ROjhxPtHeuL84dh0Ep3mpY6yXTSVlzp3384gP1WEwF8Snbhezb%2f9YwFtWXcDqfhwm9bWRJENP8xGkOLd3Gku6vI7XVQ66NhIYvHYmvDPQz6tnzR4LX0Ohlfdu8eVpi%2bcqez1f6KLppzphvbj%2fBA47RVXpNVAWmSYD8ff0sVTIdtaSz5P1j%2fROnEHLNN4D%2bTmsvypJkbSlDz1mW7TQ4rM5JGqLQANykyFwZJIvtlOEVEl3Y8LXExA5NWpqEuziB2EJT1FooCI8PVAMhvNMzXBbRUw6w%3d
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\documents and settings\Lubo\Data aplikací\Mozilla\Firefox\Profiles\3mvc2rk0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/resul ... EF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - www.spisskanovaves.eu
FF - prefs.js: keyword.URL - hxxp://www.fastbrowsersearch.com/results/resul ... C2F3CE}&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Device Detection - c:\program files\HappyFoto\HF Designer\dd.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-01 17:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1128)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1184)
c:\windows\system32\SETUPAPI.dll
.
- - - - - - - > 'explorer.exe'(2064)
c:\windows\system32\SHDOCVW.dll
c:\program files\extra\True Transparency\TrueTransparencyHook.dll
c:\program files\VisualTaskTips\VttHooks.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\program files\extra\ViOrb\StartHook.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\msi.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2011-03-01 17:20:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-01 16:20
.
Před spuštěním: 7 108 083 712
Po spuštění: 7 004 524 544
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - D54E7C1F1380A517DD7394D21DBB1937

Re: prosim o kontrolu

Napsal: 06 bře 2011 18:23
od Roli
Stáhni SystemLook

spusť aplikaci a do otevřeného okna zkopíruj :

Kód: Vybrat vše

:filefind
regedit.exe
pak klik na Look aplikace vytvoří SystemLook.txt jeho obsah mi sem zkopíruj.

Re: prosim o kontrolu

Napsal: 06 bře 2011 20:02
od lubkomir
vyskoci mi hlasenie:
Vstupni bod procedury MSVCR80._except_handler4_common se nepodarilo v dynamicky propojovane knihovne vmsvcrt.dll nalezt. A ked dam ok ta sa nic ine nestane.

Re: prosim o kontrolu

Napsal: 07 bře 2011 20:23
od Roli
No tak jinak.

Stáhni TENHLE soubor a ulož ho na Místní disk C:ne jinam.


Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

FCopy::
c:\regedit.exe | c:\windows\regedit.exe

Folder::
c:\program files\ICQ6Toolbar
c:\documents and settings\Lubo\Data aplikací\Search Settings

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Re: prosim o kontrolu

Napsal: 07 bře 2011 21:40
od lubkomir
ComboFix 11-03-07.02 - Lubo . 03. 2011 11:22:05.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.502.275 [GMT 1:00]
Spuštěný z: c:\documents and settings\Lubo\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lubo\Plocha\CFScript.txt
AV: ESET Smart Security 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Lubo\Data aplikací\Search Settings
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQ6Toolbar\voucher.bmp
c:\program files\ICQ6Toolbar\voucher2.bmp
c:\windows\system32\LogFiles . . . . nemohl být smazán
c:\windows\system32\LogFiles\WUDF\WUDFTrace.etl . . . . nemohl být smazán
.
c:\windows\regedit.exe . . . je infikován!!
.
.
--------------- FCopy ---------------
.
c:\regedit.exe --> c:\windows\regedit.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-06 do 2011-03-06 )))))))))))))))))))))))))))))))
.
.
2011-03-06 10:09 . 2011-03-06 10:10 -------- d-----w- c:\program files\ICQ7.4
2011-03-06 10:08 . 2011-03-06 10:08 146432 ------w- C:\regedit.exe
2011-03-01 17:10 . 2011-03-01 17:10 -------- d-----w- c:\program files\CCleaner
2011-03-01 16:34 . 2011-03-01 16:34 -------- d-----w- c:\program files\trend micro
2011-03-01 16:34 . 2011-03-01 16:34 -------- d-----w- C:\rsit
2011-03-01 16:27 . 2011-03-01 16:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-03-01 16:27 . 2011-03-01 16:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-01 16:27 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-01 16:17 . 2011-03-01 16:17 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\MiniDm
2011-02-25 16:09 . 2011-02-25 16:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SME Kuramatic
2011-02-25 16:09 . 2011-02-25 16:09 -------- d-----w- c:\program files\SME Kuramatic
2011-02-25 15:41 . 2011-03-06 10:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ICQ
2011-02-25 15:40 . 2011-03-06 10:10 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\ICQ
2011-02-22 00:09 . 2011-02-18 09:50 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-02-22 00:01 . 2011-02-22 00:01 -------- d-----w- c:\documents and settings\LocalService\Plocha
2011-02-21 23:44 . 2011-02-18 09:50 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-02-21 23:44 . 2011-02-21 23:44 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-21 23:40 . 2011-02-21 23:40 -------- d-----w- c:\documents and settings\Lubo\Local Settings\Data aplikací\Sunbelt Software
2011-02-21 23:38 . 2011-02-21 23:39 -------- dc-h--w- c:\documents and settings\All Users\Data aplikací\{3D8A16C3-37D5-4543-A6B3-D545F952AD73}
2011-02-21 23:37 . 2011-02-21 23:39 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Lavasoft
2011-02-21 23:37 . 2011-02-21 23:37 -------- d-----w- c:\program files\Lavasoft
2011-02-21 22:39 . 2011-02-21 22:39 -------- d-----w- c:\documents and settings\All Users\Soluto
2011-02-21 22:28 . 2011-03-01 16:11 -------- d-----w- c:\windows\SxsCaPendDel
2011-02-21 22:18 . 2011-03-06 10:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Soluto
2011-02-21 15:40 . 2011-02-21 15:40 -------- d-----w- c:\program files\Common Files\Java
2011-02-15 19:41 . 2011-02-15 19:41 -------- d-----w- c:\documents and settings\Lubo\Data aplikací\YouTube Downloader
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\program files\Application Updater
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-02-15 19:27 . 2011-02-15 19:27 -------- d-----w- c:\program files\Common Files\Spigot
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-06 10:08 . 2008-04-14 06:52 146432 ----a-w- c:\windows\regedit.exe
2011-02-02 20:40 . 2010-09-14 19:14 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 18:19 . 2009-08-31 18:24 73728 ----a-w- c:\windows\system32\javacpl.cpl
.
.
------- Sigcheck -------
.
[-] 2008-08-15 19:42 . A23DF7213FE43F712F27A74DBCA5222B . 1593856 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-08-15 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-08-15 . 97BF1C54DAF9FF61E897846DC7329CEF . 647680 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\19620\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\InstallTemp\19646\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2008-08-15 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-08-15 . F0C7CFFD1165068388311C793E32C4CC . 1482240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-07-28 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[-] 2008-08-15 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-07-28 21:27 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
.
[-] 2008-08-15 . FA0FB276ECE342EA4CA6152AAD1DD561 . 2227840 . . [5.1.2600.5512] . . c:\windows\system32\ntkrnlpa.exe
.
[-] 2008-08-15 . 0177C8C4A571846C1FE31019C83E44BA . 2350976 . . [5.1.2600.5512] . . c:\windows\system32\ntoskrnl.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-03-01 119608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"VisualTaskTips"="c:\program files\VisualTaskTips\VisualTaskTips.exe" [2008-08-15 65536]
"ViOrb"="c:\program files\extra\ViOrb\ViOrb.exe" [2008-06-15 167936]
"True transparacy"="c:\program files\extra\True Transparency\TrueTransparency.exe" [2008-06-24 372224]
"TransBar"="c:\program files\extra\TransBar\TransBar.exe" [2005-06-01 93696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-04-19 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"LMgrOSD"="c:\program files\Launch Manager\OSD.exe" [2005-03-16 204800]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2006-04-20 86016]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 570664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-08-15 40960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2008-04-23 124928]
.
c:\documents and settings\Lubo\Nabˇdka Start\Programy\Po spuçtŘnˇ\
PMB Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe [2010-2-5 333088]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
2009-02-26 16:04 2376992 ----a-w- c:\program files\Nokia\Nokia Music\NokiaMusic.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-08-23 19:25 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IEPro\\MiniDM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\HRY\\fm\\fm.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17660:TCP"= 17660:TCP:BitComet 17660 TCP
"17660:UDP"= 17660:UDP:BitComet 17660 UDP
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22. 2. 2011 0:44 64512]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [30. 8. 2009 11:38 721904]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [28. 1. 2011 17:10 387072]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14. 7. 2008 6:23 468224]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18. 2. 2011 10:50 1405384]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3. 11. 2006 15:49 13592]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18. 2. 2011 10:50 15232]
S1 mailKmd;mailKmd; [x]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2008-04-23 04:16 124928 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-02-18 09:50]
.
2011-03-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 14:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uInternet Connection Wizard,ShellNext = hxxp://dt-updates.com/activate?query=Yq%2f0nIp4fUyC1QVS4ROjhxPtHeuL84dh0Ep3mpY6yXTSVlzp3384gP1WEwF8Snbhezb%2f9YwFtWXcDqfhwm9bWRJENP8xGkOLd3Gku6vI7XVQ66NhIYvHYmvDPQz6tnzR4LX0Ohlfdu8eVpi%2bcqez1f6KLppzphvbj%2fBA47RVXpNVAWmSYD8ff0sVTIdtaSz5P1j%2fROnEHLNN4D%2bTmsvypJkbSlDz1mW7TQ4rM5JGqLQANykyFwZJIvtlOEVEl3Y8LXExA5NWpqEuziB2EJT1FooCI8PVAMhvNMzXBbRUw6w%3d
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
FF - ProfilePath - c:\documents and settings\Lubo\Data aplikací\Mozilla\Firefox\Profiles\3mvc2rk0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.fastbrowsersearch.com/results/resul ... EF&v=19&q=
FF - prefs.js: browser.search.selectedEngine - Fast Browser Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://www.fastbrowsersearch.com/results/resul ... C2F3CE}&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-SolutoService
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-06 11:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1132)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1188)
c:\windows\system32\SETUPAPI.dll
.
- - - - - - - > 'explorer.exe'(2860)
c:\windows\system32\SHDOCVW.dll
c:\program files\extra\True Transparency\TrueTransparencyHook.dll
c:\program files\VisualTaskTips\VttHooks.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\program files\extra\ViOrb\StartHook.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\progra~1\ICQ7.4\ICQ.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2011-03-06 11:07:59 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-06 10:07
ComboFix2.txt 2011-03-01 16:20
.
Před spuštěním: 7 482 540 032
Po spuštění: 7 475 302 400
.
- - End Of File - - EBA755779157A4BBDA080D098CEE6D1B

ale zaroven vyhodilo aj hlasku:

notepad.exe - soucast nelze najit

Aplikace nemohla byt spustena, pretoze sucast vADVAPI32.dll nelze najit. Potize pravdepodobne odstranite opatovnou instalaci aplikacie.

Re: prosim o kontrolu

Napsal: 07 bře 2011 22:01
od Roli
Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak použij CureIt z mého podpisu a dej vědět jak to dopadlo.

Re: prosim o kontrolu

Napsal: 09 bře 2011 20:17
od lubkomir
vypisalo mi ze ComboFix Uninstall nemoze najst

Re: prosim o kontrolu

Napsal: 09 bře 2011 20:39
od Roli
Ono to musí být naprosto přesně :

ComboFixmezera/Uninstall

proto pišu, zkopíruj do okna.

Re: prosim o kontrolu

Napsal: 09 bře 2011 21:54
od lubkomir
Velmi pekne dakujem.

Nenaslo ziadne virusy.

Este sa opytam jednu vec ... akosi mi zbůbli hodiny vo windowse ... napr. je 11:59 a potom neskoci 12:00 ale 11:00 ... a tak je to zacyklene.

Este raz DAKUJEM.

Re: prosim o kontrolu

Napsal: 09 bře 2011 22:11
od Roli
Jdi přes Start >> Ovládací panely >> Datum a čas

všechny karty překontroluj zda je vše jak má být a na kartě Čas v internetu,

zaškrtni Automaticky synchronizovat s .................

Jinak mě nic chytřejšího co s tím časem nenapadá.


Ještě mi sem dej aktuální log z Rsit, mrknu co se zbytečně spouští po Startu.

Re: prosim o kontrolu

Napsal: 10 bře 2011 20:47
od lubkomir
Logfile of random's system information tool 1.08 (written by random/random)
Run by Lubo at 2011-03-09 17:29:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (46%) free of 20 GB
Total RAM: 502 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:30:09, on 9. 3. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\VisualTaskTips\VisualTaskTips.exe
C:\Program Files\extra\ViOrb\ViOrb.exe
C:\Program Files\extra\True Transparency\TrueTransparency.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ICQ7.4\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Lubo\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\Lubo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://dt-updates.com/activate?query=Yq ... BbRUw6w%3d
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [VisualTaskTips] C:\Program Files\VisualTaskTips\VisualTaskTips.exe
O4 - HKLM\..\Run: [ViOrb] C:\Program Files\extra\ViOrb\ViOrb.exe
O4 - HKLM\..\Run: [True transparacy] C:\Program Files\extra\True Transparency\TrueTransparency.exe
O4 - HKLM\..\Run: [TransBar] C:\Program Files\extra\TransBar\TransBar.exe /S
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: PMB Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11069 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-05-20 736360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-02 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{af83e43c-dd2b-4787-826b-31b17dee52ed} - QT Breadcrumbs Address Bar - C:\WINDOWS\system32\mscoree.dll [2008-07-25 282112]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"VisualTaskTips"=C:\Program Files\VisualTaskTips\VisualTaskTips.exe [2008-08-15 65536]
"ViOrb"=C:\Program Files\extra\ViOrb\ViOrb.exe [2008-06-15 167936]
"True transparacy"=C:\Program Files\extra\True Transparency\TrueTransparency.exe [2008-06-24 372224]
"TransBar"=C:\Program Files\extra\TransBar\TransBar.exe [2005-06-01 93696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-07-01 1447168]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-04-14 667718]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-04-14 602182]
"EOUApp"=C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe [2006-04-14 569413]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2006-04-19 65536]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2003-09-16 20480]
"LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2005-03-16 204800]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2006-04-20 86016]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-07-19 94208]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-07-19 114688]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-07-19 77824]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-03-01 119608]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-08-15 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia FastStart]
C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe [2009-02-26 2376992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-08-23 98304]

C:\Documents and Settings\Lubo\Nabídka Start\Programy\Po spuštění
PMB Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-07-19 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-07-28 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\HRY\fm\fm.exe"="D:\HRY\fm\fm.exe:*:Enabled:Football Manager 2009"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\aol\ACS\AOLacsd.exe"="C:\Program Files\Common Files\aol\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\aol\ACS\AOLDial.exe"="C:\Program Files\Common Files\aol\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

======List of files/folders created in the last 1 months======

2011-03-09 17:29:57 ----D---- C:\Program Files\trend micro
2011-03-09 17:29:55 ----D---- C:\rsit
2011-03-09 12:51:13 ----SHD---- C:\Config.Msi
2011-03-09 12:44:38 ----SHD---- C:\RECYCLER
2011-03-06 11:09:50 ----D---- C:\Program Files\ICQ7.4
2011-03-06 11:08:20 ----N---- C:\regedit.exe
2011-03-01 18:10:31 ----D---- C:\Program Files\CCleaner
2011-03-01 17:31:50 ----A---- C:\Boot.bak
2011-03-01 17:31:41 ----RASHD---- C:\cmdcons
2011-03-01 17:28:18 ----D---- C:\Documents and Settings\Lubo\Data aplikací\Malwarebytes
2011-03-01 17:28:00 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-03-01 17:27:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-03-01 17:27:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-03-01 17:27:56 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-03-01 17:22:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-03-01 17:17:09 ----D---- C:\Documents and Settings\Lubo\Data aplikací\MiniDm
2011-02-25 17:09:50 ----A---- C:\WINDOWS\chicksme.ini
2011-02-25 17:09:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\SME Kuramatic
2011-02-25 17:09:45 ----D---- C:\Program Files\SME Kuramatic
2011-02-25 16:41:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-02-25 16:40:28 ----D---- C:\Documents and Settings\Lubo\Data aplikací\ICQ
2011-02-22 00:44:01 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-02-22 00:37:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-02-21 23:50:03 ----A---- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
2011-02-21 23:35:35 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-02-21 23:28:34 ----D---- C:\WINDOWS\SxsCaPendDel
2011-02-21 23:18:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Soluto
2011-02-21 16:40:53 ----D---- C:\Program Files\Common Files\Java
2011-02-21 16:39:36 ----A---- C:\WINDOWS\system32\javaws.exe
2011-02-21 16:39:36 ----A---- C:\WINDOWS\system32\javaw.exe
2011-02-21 16:39:35 ----A---- C:\WINDOWS\system32\java.exe
2011-02-15 20:41:37 ----D---- C:\Documents and Settings\Lubo\Data aplikací\YouTube Downloader
2011-02-15 20:27:03 ----D---- C:\Program Files\Application Updater
2011-02-15 20:27:02 ----D---- C:\Program Files\YouTube Downloader Toolbar
2011-02-15 20:27:02 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 months======

2011-03-09 17:29:57 ----RD---- C:\Program Files
2011-03-09 12:51:13 ----SHD---- C:\WINDOWS\Installer
2011-03-09 12:50:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-03-09 12:50:20 ----D---- C:\WINDOWS\system32
2011-03-09 12:42:12 ----D---- C:\WINDOWS\Prefetch
2011-03-09 12:21:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-09 12:07:16 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-09 12:07:06 ----D---- C:\WINDOWS\system32\drivers
2011-03-09 11:58:34 ----D---- C:\WINDOWS
2011-03-09 11:57:53 ----SD---- C:\WINDOWS\Tasks
2011-03-09 11:55:00 ----D---- C:\WINDOWS\Temp
2011-03-06 11:49:42 ----RSD---- C:\WINDOWS\assembly
2011-03-06 11:45:18 ----D---- C:\Program Files\Mozilla Firefox
2011-03-06 11:25:01 ----D---- C:\WINDOWS\AppPatch
2011-03-06 11:24:58 ----D---- C:\Program Files\Common Files
2011-03-06 11:08:24 ----A---- C:\WINDOWS\regedit.exe
2011-03-06 11:00:32 ----A---- C:\WINDOWS\system.ini
2011-03-06 11:00:18 ----D---- C:\WINDOWS\system32\drivers\etc
2011-03-06 10:59:16 ----D---- C:\WINDOWS\Media
2011-03-01 17:40:03 ----D---- C:\WINDOWS\system32\config
2011-03-01 17:31:50 ----RASH---- C:\boot.ini
2011-03-01 17:28:09 ----D---- C:\Program Files\Mozilla Thunderbird
2011-03-01 17:17:15 ----D---- C:\WINDOWS\Debug
2011-03-01 17:17:14 ----D---- C:\WINDOWS\Minidump
2011-03-01 12:34:18 ----D---- C:\Program Files\VistaExperience.org
2011-03-01 12:31:20 ----HD---- C:\WINDOWS\inf
2011-03-01 12:30:15 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-01 12:30:15 ----D---- C:\Documents and Settings\Lubo\Data aplikací\Samsung
2011-03-01 12:25:56 ----RSD---- C:\WINDOWS\Fonts
2011-02-25 13:20:36 ----A---- C:\WINDOWS\NeroDigital.ini
2011-02-22 01:49:16 ----D---- C:\WINDOWS\Microsoft.NET
2011-02-22 00:37:32 ----D---- C:\WINDOWS\WinSxS
2011-02-21 23:55:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-21 23:35:07 ----D---- C:\WINDOWS\system32\XPSViewer
2011-02-21 23:35:06 ----D---- C:\WINDOWS\system32\cs-cz
2011-02-21 23:31:16 ----D---- C:\WINDOWS\system32\en-us
2011-02-21 23:27:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-21 23:25:41 ----D---- C:\Program Files\Internet Explorer
2011-02-21 16:39:25 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-07-04 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-08-30 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-08-24 21275]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-04-14 13568]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-07-01 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-19 1049180]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-08-15 12160]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-12-02 70912]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 anyxticy;anyxticy; C:\WINDOWS\system32\drivers\anyxticy.sys []
S3 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-07-28 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-07-14 468224]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-04-14 114753]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-04-14 217164]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-04-14 540745]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-07-01 19200]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-23 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2011-03-09 17:30:14

======Uninstall list======

-->C:\Program Files\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x0009 -removeonly
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {3C3813E1-C370-4F32-9639-8B43C7C780CD}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {F67648A4-713E-4298-BBAD-A83D8283B0F3}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {2659571A-3405-4486-B7D8-2F125BC0E3B2}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 8.1.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81000000003}
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Alky for Applications (Windows XP)-->MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
ESET Smart Security-->MsiExec.exe /I{667A316D-2841-4A37-8930-D358CCBAE3BA}
Football Manager 2009-->"D:\HRY\fm\Uninstall_Football Manager 2009\Uninstall Football Manager 2009.exe"
Happy Foto Asistent (Len odstrániť)-->"C:\Program Files\HappyFoto\HfAsistentSlk\uninstall.exe"
HF Designer-->"C:\Program Files\HappyFoto\HF Designer\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
ICQ7.4-->"C:\Program Files\InstallShield Installation Information\{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
IE7Pro-->C:\Program Files\IEPro\uninst.exe
Intel(R) Graphics Media Accelerator Driver for Mobile-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
K-Lite Mega Codec Pack 4.1.4-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Launch Manager V1.2.9-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D0846526-66DD-4DC9-A02C-98F9A2806812}\Setup.exe" -l0x9 -uninst
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Leawo PowerPoint to Video Free version 1.9.0.48-->"C:\Program Files\Leawo\PowerPoint to Video Free\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mEoU-->MsiExec.exe /I{B502B428-3386-40A9-98DB-079AAB72E64F}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2007 Recent Documents Gadget-->MsiExec.exe /X{90120000-008A-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ Run Time Lib Setup-->MsiExec.exe /X{AAF4238F-7C29-451D-9925-C753271A5728}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.6.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mXML-->MsiExec.exe /I{9CC89556-3578-48DD-8408-04E66EBEF401}
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
Nero 8-->MsiExec.exe /X{D6D5CB84-0E6E-4E69-B300-C690B6911029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{82427977-8776-4087-90CA-9F65174D3C4D}
Nokia Flashing Cable Driver-->MsiExec.exe /X{A4E0CA0F-1903-440A-9B98-FEA6CB049999}
Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8}
Nokia Maps Updater 1.0.10-->"C:\Program Files\Nokia\Nokia Maps Updater\Uninstall Information\unins000.exe"
Nokia Music-->MsiExec.exe /I{BEC99D86-1D70-4AB8-8D15-E116392F9B7D}
Nokia Ovi Application Installer 6.85.3011-->msiexec /qn /x {42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Application Installer-->MsiExec.exe /I{42B74521-4706-412A-9A27-AED12B83E886}
Nokia Ovi Content Copier 6.85.3011-->msiexec /qn /x {6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi Content Copier-->MsiExec.exe /X{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}
Nokia Ovi One Touch Access 6.85.3011-->msiexec /qn /x {4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi One Touch Access-->MsiExec.exe /I{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}
Nokia Ovi Suite-->MsiExec.exe /I{B5264B25-8908-49BB-A708-5A70DFBF8094}
Nokia Ovi System Utilities 6.85.3016-->msiexec /qn /x {FF34EA62-92C1-41E6-BA64-B2B7ECB53737}
Nokia Ovi System Utilities-->MsiExec.exe /X{FF34EA62-92C1-41E6-BA64-B2B7ECB53737}
Nokia Photos-->MsiExec.exe /I{D3656CE3-0F62-447F-AEF3-9BF29B6197D9}
Nokia Software Updater-->MsiExec.exe /X{2FA28330-2028-4033-BD10-425C87EB4D54}
Notepad++-->C:\Program Files\Notepad++\uninstall.exe
Open Transport Tycoon Deluxe 0.6.3-->D:\HRY\ttd\Uninstal.exe
Oprava Hotfix systému Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
PC Connectivity Solution-->MsiExec.exe /I{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}
Postranní panel systému Windows-->RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,UnInstall
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x5 REMOVE
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Office 2007 (KB947801)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SME Kuramatic 1.4-->"C:\Program Files\SME Kuramatic\unins000.exe"
Software Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VisualTaskTips-->rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\VTaskTip.inf,DefaultUninstall
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
YouTube Downloader 2.6.5-->"C:\Program Files\YouTube Downloader\uninstall.exe"
YouTube Downloader Toolbar v4.3-->MsiExec.exe /X{92881120-6DA5-44A3-8BAB-2429A01D022E}
YoWindow-->"C:\Program Files\YoWindow\uninstall.exe"

======Security center information======

AV: ESET Smart Security 3.0 (disabled)
FW: ESET personal firewall

======System event log======

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 43167
Source Name: Tcpip
Time Written: 20110224200724.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 43166
Source Name: Tcpip
Time Written: 20110224200649.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 43165
Source Name: Tcpip
Time Written: 20110224200624.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 43164
Source Name: Tcpip
Time Written: 20110224200619.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{EBAD773A-B334-49A4-AF17-D9A7116F9C63} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.

Record Number: 43163
Source Name: Tcpip
Time Written: 20110224200609.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: LUBKOMIR
Event Code: 105
Message: The service was started.

Record Number: 14388
Source Name: PLFlash DeviceIoControl Service
Time Written: 20101228085732.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 0
Message:
Record Number: 14387
Source Name: Nero BackItUp Scheduler 3
Time Written: 20101228085732.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 0
Message:
Record Number: 14386
Source Name: EvtEng
Time Written: 20101228085719.000000+060
Event Type: Informace
User:

Computer Name: LUBKOMIR
Event Code: 1042
Message: Ukončuji transakci Instalační služby systému Windows: d:\5f333fc23954c5a7b3f14a584ae2f63d\vc_red.msi. ID procesu klienta: 2440.

Record Number: 14385
Source Name: MsiInstaller
Time Written: 20101227222311.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: LUBKOMIR
Event Code: 1029
Message: Produkt: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17. Je nutné restartování. Aby se projevily všechny změny, vyžaduje instalace nebo aktualizace produktu restartování. Restartování bylo odloženo na pozdější dobu.

Record Number: 14384
Source Name: MsiInstaller
Time Written: 20101227222311.000000+060
Event Type: Informace
User: LUBKOMIR\Lubo

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Nokia\PC Connectivity Solution;C:\Program Files\Alky for Applications\Libraries;C:\Program Files\Samsung\Samsung PC Studio 3
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz