
Please check my log, occasional PC freezes

Posted: 30 Apr 2011 12:22
by srbino
Hello,
Please check the log from my PC. The computer has been running as it should for about three quarters of a year, but lately it freezes (hangs) now and then and I have to do a hard reset. Thank you in advance for your help.




Logfile of random's system information tool 1.08 (written by random/random)
Run by Bartman at 2011-04-30 13:19:37
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (11%) free of 153 GB
Total RAM: 2559 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:19:51, on 30.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\GIGABYTE\Gamer HUD\HUD.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bartman\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Bartman.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKCU\..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKCU\..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: GIGABYTE Gamer HUD.lnk = ?
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file:///C:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file:///C:/Program%20Files/AutoCAD%202002%20Cz/AcDcToday.ocx
O16 - DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... 4.21.0.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///C:/Program%20Files/AutoCAD%202002%20Cz/AcPreview.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Faces of War Drivers Auto Removal (pr2akrnb) (pr2akrnb) - Cenega Czech - C:\WINDOWS\system32\pr2akrnb.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 11065 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C125B866-6152-48BB-9720-4C62DB57C12C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\ctbr.dll [2011-03-11 1232520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-08-10 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-08-10 798771]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2011-03-11 1232520]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-02-23 3451496]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-06-02 2176512]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-06-02 3037696]
"NvCplDaemon"= []
"QuickTime Task"= []
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2010-08-10 26624]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2009-11-19 75048]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe

C:\Documents and Settings\Bartman\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD.lnk - C:\Documents and Settings\Bartman\Data aplikací\Microsoft\Installer\{1A3210EE-7494-4879-9270-A721ED7F9947}\HUD.exe1_1A3210EE749448799270A721ED7F9947.exe
Obsah aplikace OneNote.onetoc2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2010-01-14 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-01-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-01-14 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Disabled:WinDVD"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe"="C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\base\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Vzestup říše"
"C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\extra1\bin\Settlers6.exe"="C:\Program Files\Ubisoft\THE SETTLERS - Vzestup říše\extra1\bin\Settlers6.exe:*:Enabled:THE SETTLERS - Vzestup říše - Východní království"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\AddonWeb.exe:*:Disabled:AddonWeb"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\1C Company\Men of War\mow.exe"="C:\Program Files\1C Company\Men of War\mow.exe:*:Enabled:Main executable"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Deep Silver\Sacred 2 - Gold\system\s2gs.exe"="C:\Program Files\Deep Silver\Sacred 2 - Gold\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
"C:\Program Files\Deep Silver\Sacred 2 - Gold\system\sacred2.exe"="C:\Program Files\Deep Silver\Sacred 2 - Gold\system\sacred2.exe:*:Enabled:Sacred 2"
"C:\Program Files\League of Legends\Air\LolClient.exe"="C:\Program Files\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Program Files\League of Legends\Game\League of Legends.exe"="C:\Program Files\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Documents and Settings\Bartman\Local Settings\Data aplikací\Google\Google Earth\client\googleearth.exe"="C:\Documents and Settings\Bartman\Local Settings\Data aplikací\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\EA Games\Shank\client.exe"="C:\Program Files\EA Games\Shank\client.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\Panzers1\Run\panzers.exe"="C:\Program Files\Panzers1\Run\panzers.exe:*:Enabled:-"
"C:\Program Files\Reality Pump\Two Worlds II\TwoWorlds2.exe"="C:\Program Files\Reality Pump\Two Worlds II\TwoWorlds2.exe:*:Enabled:Two Worlds II"
"C:\Program Files\World of Tanks\World_of_Tanks_closed_Beta\WorldOfTanks.exe"="C:\Program Files\World of Tanks\World_of_Tanks_closed_Beta\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\Program Files\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe"="C:\Program Files\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe:*:Enabled:Bloodline Champions"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\Gamigo\Black Prophecy Client\BIN\WIN32\BlackProphecy.exe"="C:\Program Files\Gamigo\Black Prophecy Client\BIN\WIN32\BlackProphecy.exe:*:Enabled:Black Prophecy Client"
"C:\Program Files\Gamigo\Black Prophecy Client\BIN\WIN32\Launcher.exe"="C:\Program Files\Gamigo\Black Prophecy Client\BIN\WIN32\Launcher.exe:*:Enabled:Black Prophecy Client Launcher"
"C:\Program Files\Gamigo\Black Prophecy Client\BIN\WIN32\Patcher.exe"="C:\Program Files\Gamigo\Black Prophecy Client\BIN\WIN32\Patcher.exe:*:Enabled:Black Prophecy Client Patcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Riot Games\air\LolClient.exe"="C:\Program Files\Riot Games\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Program Files\Riot Games\game\League of Legends.exe"="C:\Program Files\Riot Games\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\Iron Man\IronMan.exe"="C:\Program Files\Iron Man\IronMan.exe:*:Disabled:A2M Game Engine"
"C:\Program Files\Electronic Arts\Ultima Online Stygian Abyss Classic\client.exe"="C:\Program Files\Electronic Arts\Ultima Online Stygian Abyss Classic\client.exe:*:Enabled:Ultima Online Client"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe"="C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======File associations======

.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-04-26 20:28:40 ----D---- C:\Program Files\Valve
2011-04-24 22:46:03 ----D---- C:\Program Files\Electronic Arts
2011-04-24 22:30:52 ----D---- C:\Program Files\EA Games
2011-04-24 13:35:32 ----D---- C:\Documents and Settings\Bartman\Data aplikací\vlc
2011-04-24 13:33:31 ----D---- C:\Program Files\Televize - SychrovNET
2011-04-24 11:59:52 ----A---- C:\WINDOWS\ModemLog_Nokia N97 mini USB Modem.txt
2011-04-22 22:27:37 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\SecuROM
2011-04-22 16:11:40 ----D---- C:\Program Files\QuickTime
2011-04-22 16:11:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-04-22 16:10:06 ----D---- C:\Program Files\Apple Software Update
2011-04-22 16:10:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-04-19 19:00:24 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-04-19 18:51:37 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-04-19 18:51:04 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011-04-19 18:51:03 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011-04-19 18:51:02 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-04-19 18:51:02 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-04-19 18:51:01 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-04-19 18:51:00 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-04-19 18:51:00 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-04-19 18:51:00 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-04-19 18:51:00 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-04-19 18:49:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2011-04-19 17:51:30 ----D---- C:\Documents and Settings\Bartman\Data aplikací\Nokia Ovi Suite
2011-04-19 11:28:01 ----D---- C:\Program Files\NAMCO BANDAI Games
2011-04-17 19:33:18 ----D---- C:\Program Files\Brave Dwarves Back for Treasures
2011-04-16 11:36:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivoGames
2011-04-16 11:36:26 ----D---- C:\Program Files\Poklady starověké sluje
2011-04-16 11:27:34 ----D---- C:\Documents and Settings\Bartman\Data aplikací\SecretIslandEng
2011-04-16 11:26:38 ----D---- C:\Program Files\Poklady ostrova zahad
2011-04-16 00:24:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-16 00:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-16 00:20:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-16 00:09:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-16 00:09:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-15 23:55:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-15 23:55:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-15 23:55:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-15 23:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-15 23:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-15 15:50:02 ----D---- C:\Program Files\League of Legends
2011-04-10 13:57:28 ----D---- C:\Program Files\Iron Man
2011-04-07 13:44:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ERS G-Studio
2011-04-07 13:43:49 ----D---- C:\Program Files\Serif Standa
2011-04-06 13:53:57 ----D---- C:\Program Files\Gothic III
2011-04-05 14:27:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2011-04-05 14:27:13 ----D---- C:\Program Files\DVD Shrink
2011-04-02 23:52:09 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-03-31 22:17:37 ----D---- C:\Program Files\Mozilla Firefox
2011-03-31 19:01:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\NexonUS

======List of files/folders modified in the last 1 months======

2011-04-30 13:19:51 ----D---- C:\WINDOWS\Prefetch
2011-04-30 13:19:45 ----D---- C:\Program Files\trend micro
2011-04-30 13:18:21 ----D---- C:\WINDOWS\temp
2011-04-30 13:18:21 ----D---- C:\WINDOWS
2011-04-30 10:50:56 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-30 00:38:14 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-04-30 00:38:13 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-29 23:30:29 ----D---- C:\Documents and Settings\Bartman\Data aplikací\Skype
2011-04-29 22:47:17 ----D---- C:\Documents and Settings\Bartman\Data aplikací\uTorrent
2011-04-29 18:52:47 ----D---- C:\Documents and Settings\Bartman\Data aplikací\skypePM
2011-04-29 16:27:09 ----RD---- C:\Program Files
2011-04-29 16:27:03 ----A---- C:\WINDOWS\disney.ini
2011-04-29 13:21:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-04-29 09:40:46 ----D---- C:\Documents and Settings\Bartman\Data aplikací\LangSoft
2011-04-28 22:03:44 ----D---- C:\WINDOWS\Debug
2011-04-25 08:15:34 ----A---- C:\LOGFILE.TXT
2011-04-24 23:01:26 ----D---- C:\Program Files\Razor
2011-04-24 22:40:06 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-24 13:34:13 ----RSD---- C:\WINDOWS\Fonts
2011-04-24 13:33:19 ----A---- C:\WINDOWS\iun6002.exe
2011-04-24 10:20:47 ----D---- C:\Documents and Settings\Bartman\Data aplikací\Spyware Terminator
2011-04-23 10:24:44 ----SHD---- C:\WINDOWS\Installer
2011-04-23 10:23:44 ----D---- C:\WINDOWS\system32
2011-04-20 16:58:34 ----D---- C:\Documents and Settings\Bartman\Data aplikací\PC Suite
2011-04-19 20:43:08 ----D---- C:\WINDOWS\system32\drivers
2011-04-19 19:00:46 ----HD---- C:\WINDOWS\inf
2011-04-19 18:56:47 ----D---- C:\Program Files\PC Connectivity Solution
2011-04-19 18:55:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
2011-04-19 18:52:40 ----D---- C:\Program Files\Common Files\Nokia
2011-04-19 18:51:37 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-04-19 18:50:58 ----D---- C:\Program Files\Nokia
2011-04-19 18:42:44 ----D---- C:\WINDOWS\Globalization
2011-04-19 18:42:40 ----RSD---- C:\WINDOWS\assembly
2011-04-19 17:51:28 ----D---- C:\Documents and Settings\Bartman\Data aplikací\Nokia
2011-04-18 15:46:44 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-16 00:27:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-16 00:24:27 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-16 00:24:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-16 00:21:58 ----D---- C:\Program Files\Internet Explorer
2011-04-16 00:20:59 ----D---- C:\WINDOWS\ie8updates
2011-04-16 00:20:34 ----D---- C:\WINDOWS\WinSxS
2011-04-16 00:18:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-15 16:08:10 ----D---- C:\WINDOWS\system32\DirectX
2011-04-14 21:52:59 ----D---- C:\Program Files\Atlantica online
2011-04-14 21:34:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-04-14 15:43:17 ----D---- C:\Program Files\Disney Interactive Studios
2011-04-03 20:24:31 ----D---- C:\Documents and Settings\Bartman\Data aplikací\The Creative Assembly
2011-04-02 10:20:13 ----A---- C:\WINDOWS\disneysy.ini
2011-03-31 22:17:52 ----D---- C:\Documents and Settings\Bartman\Data aplikací\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-05-17 92800]
R0 pe3akrnb;Faces of War Environment Driver (pe3akrnb); C:\WINDOWS\system32\drivers\pe3akrnb.sys [2007-04-19 64896]
R0 ps6akrnb;Faces of War Synchronization Driver (ps6akrnb); C:\WINDOWS\system32\drivers\ps6akrnb.sys [2007-04-19 53128]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-05 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-01-14 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/04/07 10:36:19]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-02-27 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-02-27 25888]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2010-01-14 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2010-01-14 32384]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S3 aey87fhv;aey87fhv; C:\WINDOWS\system32\drivers\aey87fhv.sys []
S3 alln4bx0;alln4bx0; C:\WINDOWS\system32\drivers\alln4bx0.sys []
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Bartman\LOCALS~1\Temp\VAL49.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2010-01-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-01-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-02-23 42184]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2011-02-17 46080]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-01-27 75136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-02 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-05-07 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S2 pr2akrnb;Faces of War Drivers Auto Removal (pr2akrnb); C:\WINDOWS\system32\pr2akrnb.exe [2007-04-19 407168]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-02-20 74360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-17 1045256]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Please check my log, occasional PC freezes

Posted: 30 Apr 2011 12:56
by Rudy
Post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms appears; continue by clicking the Ano (Yes) button.

feel free to make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted collisions with the antispyware's resident component

Re: Please check my log, occasional PC freezes

Posted: 30 Apr 2011 13:48
by srbino
ComboFix 11-04-29.03 - Bartman 30.04.2011 14:32:05.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2559.1890 [GMT 2:00]
Spuštěný z: c:\documents and settings\Bartman\Dokumenty\Stažené soubory\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Bartman\Local Settings\Data aplikací\.#
c:\documents and settings\Bartman\WINDOWS
c:\windows\system32\miccyhook.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-28 do 2011-04-30 )))))))))))))))))))))))))))))))
.
.
2011-04-26 18:28 . 2011-04-26 18:28 -------- d-----w- c:\program files\Valve
2011-04-24 20:46 . 2011-04-24 21:01 -------- d-----w- c:\program files\Electronic Arts
2011-04-24 20:30 . 2011-04-24 20:42 -------- d-----w- c:\program files\EA Games
2011-04-24 11:35 . 2011-04-24 11:39 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\vlc
2011-04-24 11:33 . 2011-04-24 11:34 -------- d-----w- c:\program files\Televize - SychrovNET
2011-04-22 20:27 . 2011-04-22 20:27 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\SecuROM
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-04-22 14:11 . 2011-04-22 14:12 -------- d-----w- c:\program files\QuickTime
2011-04-22 14:11 . 2011-04-22 14:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple Computer
2011-04-22 14:10 . 2011-04-22 14:10 -------- d-----w- c:\program files\Apple Software Update
2011-04-22 14:10 . 2011-04-22 14:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple
2011-04-19 16:51 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-04-19 16:51 . 2010-07-26 10:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-04-19 16:51 . 2010-07-26 10:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-04-19 16:51 . 2010-07-30 12:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-04-19 16:51 . 2010-07-30 12:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-04-19 16:51 . 2010-07-30 12:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-04-19 16:51 . 2010-07-30 12:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-04-19 16:51 . 2010-07-30 12:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-04-19 16:51 . 2010-07-30 12:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-04-19 16:51 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-04-19 16:49 . 2011-04-19 16:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
2011-04-19 15:51 . 2011-04-19 15:51 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\Nokia Ovi Suite
2011-04-19 09:28 . 2011-04-19 09:28 -------- d-----w- c:\program files\NAMCO BANDAI Games
2011-04-17 17:33 . 2011-04-17 17:33 -------- d-----w- c:\program files\Brave Dwarves Back for Treasures
2011-04-16 09:36 . 2011-04-16 09:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DivoGames
2011-04-16 09:36 . 2011-04-16 09:36 -------- d-----w- c:\program files\Poklady starověké sluje
2011-04-16 09:27 . 2011-04-16 09:28 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\SecretIslandEng
2011-04-16 09:26 . 2011-04-29 14:26 -------- d-----w- c:\program files\Poklady ostrova zahad
2011-04-15 13:50 . 2011-04-26 14:07 -------- d-----w- c:\program files\League of Legends
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-04-10 11:57 . 2011-04-10 12:07 -------- d-----w- c:\program files\Iron Man
2011-04-07 11:44 . 2011-04-07 11:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ERS G-Studio
2011-04-07 11:43 . 2011-04-14 13:44 -------- d-----w- c:\program files\Serif Standa
2011-04-06 11:53 . 2011-04-06 12:06 -------- d-----w- c:\program files\Gothic III
2011-04-05 12:27 . 2011-04-22 09:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVD Shrink
2011-04-05 12:27 . 2011-04-05 13:03 -------- d-----w- c:\program files\DVD Shrink
2011-04-03 18:44 . 2011-04-03 18:44 -------- d-----w- c:\documents and settings\Bartman\Local Settings\Data aplikací\Chromium
2011-04-02 21:52 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-31 20:17 . 2011-03-31 20:17 -------- d-----w- c:\documents and settings\Bartman\Local Settings\Data aplikací\Mozilla
2011-03-31 17:01 . 2011-03-31 17:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NexonUS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-24 11:33 . 2010-08-24 12:44 720896 ----a-w- c:\windows\iun6002.exe
2011-03-25 16:01 . 2010-02-27 16:38 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-03-07 05:31 . 2010-02-24 13:09 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:35 . 2010-01-14 15:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:52 . 2010-01-14 15:02 1866880 ----a-w- c:\windows\system32\win32k.sys
2011-02-23 14:04 . 2010-06-29 10:57 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 14:04 . 2010-04-08 19:25 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 13:56 . 2010-04-08 19:27 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 13:55 . 2010-04-08 19:27 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 13:55 . 2010-04-08 19:27 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-02-23 13:55 . 2010-04-08 19:27 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-02-23 13:55 . 2010-04-08 19:27 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 13:54 . 2010-04-08 19:27 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-02-23 13:54 . 2010-04-08 19:27 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-22 23:26 . 2010-01-14 15:02 919552 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:26 . 2010-01-14 15:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:26 . 2010-01-14 15:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-18 12:08 . 2010-01-14 15:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 19:26 . 2011-02-17 19:26 7056 ----a-w- c:\windows\CDILLA16.EXE
2011-02-17 19:26 . 2011-02-17 19:26 63344 ----a-w- c:\windows\CDILLA05.DLL
2011-02-17 19:26 . 2011-02-17 19:26 60416 ----a-w- c:\windows\CDILLA64.EXE
2011-02-17 19:26 . 2011-02-17 19:26 58160 ----a-w- c:\windows\system32\drivers\CDANT.SYS
2011-02-17 19:26 . 2011-02-17 19:26 55376 ----a-w- c:\windows\CDILLA40.DLL
2011-02-17 19:26 . 2011-02-17 19:26 46080 ----a-w- c:\windows\system32\drivers\CDANTSRV.EXE
2011-02-17 19:26 . 2011-02-17 19:26 44544 ----a-w- c:\windows\CDILLA13.DLL
2011-02-17 19:26 . 2011-02-17 19:26 260608 ----a-w- c:\windows\CDILLA32.DLL
2011-02-17 19:26 . 2011-02-17 19:26 23856 ----a-w- c:\windows\CDILLA10.EXE
2011-02-17 16:24 . 2010-01-14 15:02 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 13:19 . 2010-01-14 15:00 457472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:19 . 2010-01-14 15:01 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-15 13:05 . 2010-01-14 14:59 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-12 13:09 . 2010-03-06 21:52 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-02-12 13:08 . 2010-03-06 21:59 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-02-12 13:08 . 2010-03-06 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-02-09 13:53 . 2008-04-14 11:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 11:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 11:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2008-04-14 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-06 18:26 . 2010-03-06 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-04-29 20:47 . 2011-03-31 20:17 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
.
[-] 2009-10-09 . FF876311F58C86EC3E1A24F585949C25 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-06-02 3037696]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-08-10 26624]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2009-11-19 75048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
c:\documents and settings\Bartman\Nabídka Start\Programy\Po spuštění\
GIGABYTE Gamer HUD.lnk - c:\documents and settings\Bartman\Data aplikací\Microsoft\Installer\{1A3210EE-7494-4879-9270-A721ED7F9947}\HUD.exe1_1A3210EE749448799270A721ED7F9947.exe [2011-1-24 40960]
Obsah aplikace OneNote.onetoc2 [2010-12-22 3656]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-01-14 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\base\\bin\\Settlers6.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\extra1\\bin\\Settlers6.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\AddonWeb.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\1C Company\\Men of War\\mow.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Gold\\system\\s2gs.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Gold\\system\\sacred2.exe"=
"c:\\Program Files\\League of Legends\\Air\\LolClient.exe"=
"c:\\Program Files\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Documents and Settings\\Bartman\\Local Settings\\Data aplikací\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Panzers1\\Run\\panzers.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds II\\TwoWorlds2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Iron Man\\IronMan.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56578:TCP"= 56578:TCP:Pando Media Booster
"56578:UDP"= 56578:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8395:TCP"= 8395:TCP:League of Legends Launcher
"8395:UDP"= 8395:UDP:League of Legends Launcher
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"58152:TCP"= 58152:TCP:Pando Media Booster
"58152:UDP"= 58152:UDP:Pando Media Booster
"58224:TCP"= 58224:TCP:Pando Media Booster
"58224:UDP"= 58224:UDP:Pando Media Booster
"6918:TCP"= 6918:TCP:League of Legends Launcher
"6918:UDP"= 6918:UDP:League of Legends Launcher
"6932:TCP"= 6932:TCP:League of Legends Launcher
"6932:UDP"= 6932:UDP:League of Legends Launcher
"6934:TCP"= 6934:TCP:League of Legends Launcher
"6934:UDP"= 6934:UDP:League of Legends Launcher
"6991:TCP"= 6991:TCP:League of Legends Launcher
"6991:UDP"= 6991:UDP:League of Legends Launcher
"6897:TCP"= 6897:TCP:League of Legends Launcher
"6897:UDP"= 6897:UDP:League of Legends Launcher
"6901:TCP"= 6901:TCP:League of Legends Launcher
"6901:UDP"= 6901:UDP:League of Legends Launcher
"6893:TCP"= 6893:TCP:League of Legends Launcher
"6893:UDP"= 6893:UDP:League of Legends Launcher
"8397:TCP"= 8397:TCP:League of Legends Launcher
"8397:UDP"= 8397:UDP:League of Legends Launcher
"6928:TCP"= 6928:TCP:League of Legends Launcher
"6928:UDP"= 6928:UDP:League of Legends Launcher
"6990:TCP"= 6990:TCP:League of Legends Launcher
"6990:UDP"= 6990:UDP:League of Legends Launcher
.
R0 pe3akrnb;Faces of War Environment Driver (pe3akrnb);c:\windows\system32\drivers\pe3akrnb.sys [19.4.2007 17:04 64896]
R0 ps6akrnb;Faces of War Synchronization Driver (ps6akrnb);c:\windows\system32\drivers\ps6akrnb.sys [19.4.2007 17:03 53128]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.5.2010 19:54 685816]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2.4.2011 23:52 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8.4.2010 21:27 301528]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2.6.2010 14:36 142592]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/04/07 10:36];c:\program files\CyberLink\PowerDVD9\000.fcl [28.2.2009 19:40 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.4.2010 21:27 19544]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [7.5.2010 14:36 92008]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [14.1.2010 17:04 9472]
S2 pr2akrnb;Faces of War Drivers Auto Removal (pr2akrnb);c:\windows\system32\pr2akrnb.exe svc --> c:\windows\system32\pr2akrnb.exe svc [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Bartman\LOCALS~1\Temp\VAL49.tmp --> c:\docume~1\Bartman\LOCALS~1\Temp\VAL49.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [19.4.2011 18:51 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [19.4.2011 18:51 8576]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.1.2010 17:01 14848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-30 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
2011-04-30 c:\windows\Tasks\User_Feed_Synchronization-{C125B866-6152-48BB-9720-4C62DB57C12C}.job
- c:\windows\system32\msfeedssync.exe [2010-01-14 15:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
FF - ProfilePath - c:\documents and settings\Bartman\Data aplikací\Mozilla\Firefox\Profiles\pggnztd0.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-NvCplDaemon - (no file)
HKCU-Run-QuickTime Task - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-30 14:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Bartman\LOCALS~1\Temp\VAL49.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-04-30 14:46:43
ComboFix-quarantined-files.txt 2011-04-30 12:46
.
Před spuštěním: Volných bajtů: 18 048 643 072
Po spuštění: Volných bajtů: 18 032 259 072
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 8216FFAB539D405BD3671278FDEF0547

Re: Please check my log, occasional PC freezes

Posted: 30 Apr 2011 20:05
by Rudy
We'll do some more cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: Please check my log, occasional PC freezes

Posted: 30 Apr 2011 23:37
by srbino
ComboFix 11-04-29.03 - Bartman 01.05.2011 0:18.8.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2559.2006 [GMT 2:00]
Spuštěný z: c:\documents and settings\Bartman\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Bartman\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_77.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-28 do 2011-04-30 )))))))))))))))))))))))))))))))
.
.
2011-04-30 21:54 . 2011-04-30 21:54 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\.minecraft
2011-04-30 21:54 . 2011-04-30 21:54 -------- d-----w- c:\program files\Common Files\Java
2011-04-30 21:54 . 2011-04-30 21:54 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-26 18:28 . 2011-04-26 18:28 -------- d-----w- c:\program files\Valve
2011-04-24 20:46 . 2011-04-24 21:01 -------- d-----w- c:\program files\Electronic Arts
2011-04-24 20:30 . 2011-04-24 20:42 -------- d-----w- c:\program files\EA Games
2011-04-24 11:35 . 2011-04-24 11:39 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\vlc
2011-04-24 11:33 . 2011-04-24 11:34 -------- d-----w- c:\program files\Televize - SychrovNET
2011-04-22 20:27 . 2011-04-22 20:27 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\SecuROM
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-04-22 14:12 . 2011-04-22 14:12 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-04-22 14:11 . 2011-04-22 14:12 -------- d-----w- c:\program files\QuickTime
2011-04-22 14:11 . 2011-04-22 14:11 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple Computer
2011-04-22 14:10 . 2011-04-22 14:10 -------- d-----w- c:\program files\Apple Software Update
2011-04-22 14:10 . 2011-04-22 14:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Apple
2011-04-19 16:51 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-04-19 16:51 . 2010-07-26 10:24 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-04-19 16:51 . 2010-07-26 10:24 137600 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-04-19 16:51 . 2010-07-30 12:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-04-19 16:51 . 2010-07-30 12:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-04-19 16:51 . 2010-07-30 12:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-04-19 16:51 . 2010-07-30 12:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-04-19 16:51 . 2010-07-30 12:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-04-19 16:51 . 2010-07-30 12:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-04-19 16:51 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-04-19 16:49 . 2011-04-19 16:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\NokiaInstallerCache
2011-04-19 15:51 . 2011-04-19 15:51 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\Nokia Ovi Suite
2011-04-19 09:28 . 2011-04-19 09:28 -------- d-----w- c:\program files\NAMCO BANDAI Games
2011-04-17 17:33 . 2011-04-17 17:33 -------- d-----w- c:\program files\Brave Dwarves Back for Treasures
2011-04-16 09:36 . 2011-04-16 09:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DivoGames
2011-04-16 09:36 . 2011-04-16 09:36 -------- d-----w- c:\program files\Poklady starověké sluje
2011-04-16 09:27 . 2011-04-16 09:28 -------- d-----w- c:\documents and settings\Bartman\Data aplikací\SecretIslandEng
2011-04-16 09:26 . 2011-04-29 14:26 -------- d-----w- c:\program files\Poklady ostrova zahad
2011-04-15 13:50 . 2011-04-26 14:07 -------- d-----w- c:\program files\League of Legends
2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-04-10 11:57 . 2011-04-10 12:07 -------- d-----w- c:\program files\Iron Man
2011-04-07 11:44 . 2011-04-07 11:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ERS G-Studio
2011-04-07 11:43 . 2011-04-14 13:44 -------- d-----w- c:\program files\Serif Standa
2011-04-06 11:53 . 2011-04-06 12:06 -------- d-----w- c:\program files\Gothic III
2011-04-05 12:27 . 2011-04-22 09:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVD Shrink
2011-04-05 12:27 . 2011-04-05 13:03 -------- d-----w- c:\program files\DVD Shrink
2011-04-03 18:44 . 2011-04-03 18:44 -------- d-----w- c:\documents and settings\Bartman\Local Settings\Data aplikací\Chromium
2011-04-02 21:52 . 2011-02-23 13:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-30 21:54 . 2010-06-23 09:41 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-24 11:33 . 2010-08-24 12:44 720896 ----a-w- c:\windows\iun6002.exe
2011-03-25 16:01 . 2010-02-27 16:38 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-03-07 05:31 . 2010-02-24 13:09 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:35 . 2010-01-14 15:02 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:52 . 2010-01-14 15:02 1866880 ----a-w- c:\windows\system32\win32k.sys
2011-02-23 14:04 . 2010-06-29 10:57 40648 ----a-w- c:\windows\avastSS.scr
2011-02-23 14:04 . 2010-04-08 19:25 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-02-23 13:56 . 2010-04-08 19:27 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-02-23 13:55 . 2010-04-08 19:27 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-02-23 13:55 . 2010-04-08 19:27 102232 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-02-23 13:55 . 2010-04-08 19:27 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-02-23 13:55 . 2010-04-08 19:27 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-02-23 13:54 . 2010-04-08 19:27 30680 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-02-23 13:54 . 2010-04-08 19:27 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-02-22 23:26 . 2010-01-14 15:02 919552 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:26 . 2010-01-14 15:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:26 . 2010-01-14 15:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-18 12:08 . 2010-01-14 15:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 19:26 . 2011-02-17 19:26 7056 ----a-w- c:\windows\CDILLA16.EXE
2011-02-17 19:26 . 2011-02-17 19:26 63344 ----a-w- c:\windows\CDILLA05.DLL
2011-02-17 19:26 . 2011-02-17 19:26 60416 ----a-w- c:\windows\CDILLA64.EXE
2011-02-17 19:26 . 2011-02-17 19:26 58160 ----a-w- c:\windows\system32\drivers\CDANT.SYS
2011-02-17 19:26 . 2011-02-17 19:26 55376 ----a-w- c:\windows\CDILLA40.DLL
2011-02-17 19:26 . 2011-02-17 19:26 46080 ----a-w- c:\windows\system32\drivers\CDANTSRV.EXE
2011-02-17 19:26 . 2011-02-17 19:26 44544 ----a-w- c:\windows\CDILLA13.DLL
2011-02-17 19:26 . 2011-02-17 19:26 260608 ----a-w- c:\windows\CDILLA32.DLL
2011-02-17 19:26 . 2011-02-17 19:26 23856 ----a-w- c:\windows\CDILLA10.EXE
2011-02-17 16:24 . 2010-01-14 15:02 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 13:19 . 2010-01-14 15:00 457472 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:19 . 2010-01-14 15:01 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-15 13:05 . 2010-01-14 14:59 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-12 13:09 . 2010-03-06 21:52 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-02-12 13:08 . 2010-03-06 21:59 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-02-12 13:08 . 2010-03-06 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-02-09 13:53 . 2008-04-14 11:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 11:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 11:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2008-04-14 11:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-06 18:26 . 2010-03-06 21:52 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-04-29 20:47 . 2011-03-31 20:17 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
.
[-] 2009-10-09 . FF876311F58C86EC3E1A24F585949C25 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-04-30_12.41.58 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-30 21:54 . 2011-04-30 21:54 16384 c:\windows\temp\Perflib_Perfdata_5bc.dat
+ 2011-04-30 21:54 . 2011-04-30 21:54 157472 c:\windows\system32\javaws.exe
+ 2011-04-30 21:54 . 2011-04-30 21:54 145184 c:\windows\system32\javaw.exe
+ 2011-04-30 21:54 . 2011-04-30 21:54 145184 c:\windows\system32\java.exe
+ 2011-04-30 21:54 . 2011-04-30 21:54 180224 c:\windows\Installer\24ed2ff.msi
+ 2011-04-30 21:53 . 2011-04-30 21:53 675840 c:\windows\Installer\24ed2fa.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-06-02 3037696]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-08-10 26624]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2009-11-19 75048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-02-23 3451496]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
.
c:\documents and settings\Bartman\Nabˇdka Start\Programy\Po spuçtŘnˇ\
GIGABYTE Gamer HUD.lnk - c:\documents and settings\Bartman\Data aplikacˇ\Microsoft\Installer\{1A3210EE-7494-4879-9270-A721ED7F9947}\HUD.exe1_1A3210EE749448799270A721ED7F9947.exe [2011-1-24 40960]
Obsah aplikace OneNote.onetoc2 [2010-12-22 3656]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-01-14 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\base\\bin\\Settlers6.exe"=
"c:\\Program Files\\Ubisoft\\THE SETTLERS - Vzestup říše\\extra1\\bin\\Settlers6.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\AddonWeb.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\1C Company\\Men of War\\mow.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Gold\\system\\s2gs.exe"=
"c:\\Program Files\\Deep Silver\\Sacred 2 - Gold\\system\\sacred2.exe"=
"c:\\Program Files\\League of Legends\\Air\\LolClient.exe"=
"c:\\Program Files\\League of Legends\\Game\\League of Legends.exe"=
"c:\\Documents and Settings\\Bartman\\Local Settings\\Data aplikací\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Panzers1\\Run\\panzers.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds II\\TwoWorlds2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Iron Man\\IronMan.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56578:TCP"= 56578:TCP:Pando Media Booster
"56578:UDP"= 56578:UDP:Pando Media Booster
"8394:TCP"= 8394:TCP:League of Legends Launcher
"8394:UDP"= 8394:UDP:League of Legends Launcher
"8395:TCP"= 8395:TCP:League of Legends Launcher
"8395:UDP"= 8395:UDP:League of Legends Launcher
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"58152:TCP"= 58152:TCP:Pando Media Booster
"58152:UDP"= 58152:UDP:Pando Media Booster
"58224:TCP"= 58224:TCP:Pando Media Booster
"58224:UDP"= 58224:UDP:Pando Media Booster
"6918:TCP"= 6918:TCP:League of Legends Launcher
"6918:UDP"= 6918:UDP:League of Legends Launcher
"6932:TCP"= 6932:TCP:League of Legends Launcher
"6932:UDP"= 6932:UDP:League of Legends Launcher
"6934:TCP"= 6934:TCP:League of Legends Launcher
"6934:UDP"= 6934:UDP:League of Legends Launcher
"6991:TCP"= 6991:TCP:League of Legends Launcher
"6991:UDP"= 6991:UDP:League of Legends Launcher
"6897:TCP"= 6897:TCP:League of Legends Launcher
"6897:UDP"= 6897:UDP:League of Legends Launcher
"6901:TCP"= 6901:TCP:League of Legends Launcher
"6901:UDP"= 6901:UDP:League of Legends Launcher
"6893:TCP"= 6893:TCP:League of Legends Launcher
"6893:UDP"= 6893:UDP:League of Legends Launcher
"8397:TCP"= 8397:TCP:League of Legends Launcher
"8397:UDP"= 8397:UDP:League of Legends Launcher
"6928:TCP"= 6928:TCP:League of Legends Launcher
"6928:UDP"= 6928:UDP:League of Legends Launcher
"6990:TCP"= 6990:TCP:League of Legends Launcher
"6990:UDP"= 6990:UDP:League of Legends Launcher
.
R0 pe3akrnb;Faces of War Environment Driver (pe3akrnb);c:\windows\system32\drivers\pe3akrnb.sys [19.4.2007 17:04 64896]
R0 ps6akrnb;Faces of War Synchronization Driver (ps6akrnb);c:\windows\system32\drivers\ps6akrnb.sys [19.4.2007 17:03 53128]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.5.2010 19:54 685816]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2.4.2011 23:52 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8.4.2010 21:27 301528]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2.6.2010 14:36 142592]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/04/07 10:36];c:\program files\CyberLink\PowerDVD9\000.fcl [28.2.2009 19:40 87536]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.4.2010 21:27 19544]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [7.5.2010 14:36 92008]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [14.1.2010 17:04 9472]
S2 pr2akrnb;Faces of War Drivers Auto Removal (pr2akrnb);c:\windows\system32\pr2akrnb.exe svc --> c:\windows\system32\pr2akrnb.exe svc [?]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Bartman\LOCALS~1\Temp\VAL49.tmp --> c:\docume~1\Bartman\LOCALS~1\Temp\VAL49.tmp [?]
S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [19.4.2011 18:51 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [19.4.2011 18:51 8576]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.1.2010 17:01 14848]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-30 c:\windows\Tasks\User_Feed_Synchronization-{C125B866-6152-48BB-9720-4C62DB57C12C}.job
- c:\windows\system32\msfeedssync.exe [2010-01-14 15:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: {1F831FA2-42FC-11D4-95A6-0080AD30DCE1} - file:///C:/Program%20Files/AutoCAD%202002%20Cz/InstFred.ocx
DPF: {AE563723-B4F5-11D4-A415-00108302FDFD} - file:///C:/Program%20Files/AutoCAD%202002%20Cz/InstBanr.ocx
FF - ProfilePath - c:\documents and settings\Bartman\Data aplikací\Mozilla\Firefox\Profiles\pggnztd0.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-01 00:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Bartman\LOCALS~1\Temp\VAL49.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-05-01 00:36:41
ComboFix-quarantined-files.txt 2011-04-30 22:36
ComboFix2.txt 2011-04-30 12:46
.
Před spuštěním: Volných bajtů: 17 883 336 704
Po spuštění: Volných bajtů: 17 862 660 096
.
- - End Of File - - BE5C47F6D46EC4BC8123A65BDC833E6C

Re: Please check my log, occasional PC freezes

Posted: 01 May 2011 10:17
by Rudy
Deleted, the log now looks clean. Has anything changed?

Re: Please check my log, occasional PC freezes

Posted: 01 May 2011 14:43
by srbino
Everything is OK so far; I'll get in touch if anything comes up.

Re: Please check my log, occasional PC freezes

Posted: 01 May 2011 15:22
by Rudy
:)