Log.txt

Posted: 19 Aug 2011 18:52
by Ajfel66
Logfile of random's system information tool 1.09 (written by random/random)
Run by Ajfel at 2011-08-19 19:30:57
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 30 GB (40%) free of 76 GB
Total RAM: 3326 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:31:01, on 19.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\windows\system32\Rundll32.exe
C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\windows\system32\RunDLL32.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\PnkBstrA.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files\Phone spy 93\SoundService.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Documents and Settings\Ajfel\Local Settings\Temporary Internet Files\Content.IE5\VMSLDLFU\Flash-Player[1].exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\PROGRA~1\COMMON~1\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Documents and Settings\Ajfel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Ajfel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php?ref=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Webblog - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Webblog - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\195.62\winxp\english\PhysX_9.09.0814_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1757981266-838170752-725345543-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2989084203
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C42BA11F-AC3B-4BC4-BC06-03CC5563494B}: NameServer = 192.168.9.30,192.168.9.35
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Active@ Disk Monitor - LSoft Technologies Inc - C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sound service (SoundService1) - Unknown owner - C:\Program Files\Phone spy 93\SoundService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: wxpdrivers - Unknown owner - C:\Documents and Settings\Ajfel\Local Settings\Temporary Internet Files\Content.IE5\VMSLDLFU\Flash-Player[1].exe

--
End of file - 10023 bytes

======Scheduled tasks folder======

C:\windows\tasks\AppleSoftwareUpdate.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ajfel\Data aplikací\Mozilla\Firefox\Profiles\lgzq2gi0.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "DTToolbar@toolbarnet.com:1.1.3.0244, {800b5000-a755-47e1-992b-48a1c1357f07}:2, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, gpxdown@geocaching.com:1.100630b, {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5, bkmrksync@nokia.com:1.0.0.736, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=SP_ss ... ef=sst&&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_1_3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
babylon.xml
bing.xml
eBay.xml
google.xml
webblog.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Ajfel\Data aplikací\Mozilla\Firefox\Profiles\lgzq2gi0.default\extensions\
DTToolbar@toolbarnet.com
ffxtlbr@babylon.com
plugin@yontoo.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{20a82645-c095-46ed-80e3-08825760534b}
{C3947F4E-8894-4C04-98E0-DF182C706DDF}

C:\Documents and Settings\Ajfel\Data aplikací\Mozilla\Firefox\Profiles\lgzq2gi0.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll [2011-04-29 436152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3947F4E-8894-4C04-98E0-DF182C706DDF}]
Webblog - C:\Program Files\wbtooltb\wbtoolDx.dll [2010-12-09 86696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Runtime\YontooIEClient.dll [2011-07-15 195360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{C3947F4E-8894-4C04-98E0-DF182C706DDF} - Webblog - C:\Program Files\wbtooltb\wbtoolDx.dll [2010-12-09 86696]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\5.1.0.29\coIEPlg.dll [2011-04-29 436152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"P17Helper"=Rundll32 P17.dll,P17Helper []
"Anti-phishing Domain Advisor"=C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2010-12-13 223400]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2011-08-03 13892200]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-07-05 1632360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2005-11-15 1200128]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-08-04 966712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST WISE_SETUP_EXE_PATH=c:\nvidia\displaydriver\195.62\winxp\english\PhysX_9.09.0814_SystemSoftware.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Atari\TDU2\UpLauncher.exe"="C:\Program Files\Atari\TDU2\UpLauncher.exe:*:Enabled:UpLauncher"
"C:\Program Files\Atari\TDU2\TestDrive2.exe"="C:\Program Files\Atari\TDU2\TestDrive2.exe:*:Enabled:Test Drive Unlimited 2"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite"
"D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"D:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="D:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.avrn"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll
"vidc.advj"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\avidavicodec.dll
"vidc.mszh"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Qpeg32.dll
"msacm.sl_anet"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll
"vidc.afli"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Autodesk\flccodec32.dll
"vidc.aasc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\ATI\ativcr2.dll
"vidc.yv12"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\ATI\atiyuv12.DLL
"vidc.mwv1"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Brooktree\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Core\CorePNG_vfw.dll
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Core\CoreFLAC_ACM.acm
"vidc.davc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\divx4.dll
"vidc.divx"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\DivX520.dll
"msacm.divxa32"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\ir50_32.dll
"vidc.iyuv"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\LEAD\LCODCCMP.DLL
"vidc.dvsd"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\MainConcept\MCDVD_32.DLL
"vidc.dvc"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\MainConcept\MCDVD_32.DLL
"vidc.dvcs"=C:\PROGRA~1\ACE Mega CoDecS Pack\SystemS\MainConcept\MCDVD_32.DLL

======List of files/folders created in the last 1 month======

2011-08-19 19:30:11 ----D---- C:\Program Files\trend micro
2011-08-19 19:30:10 ----D---- C:\rsit
2011-08-19 17:49:02 ----A---- C:\windows\winlog-ids.txt
2011-08-19 17:49:02 ----A---- C:\windows\winlog-dirs.txt
2011-08-19 17:48:56 ----A---- C:\windows\services32.exe
2011-08-17 20:23:06 ----A---- C:\windows\system32\uxtuneup.dll
2011-08-15 21:48:13 ----A---- C:\windows\system32\GEARAspi.dll
2011-08-15 21:48:13 ----A---- C:\windows\system32\drivers\GEARAspiWDM.sys
2011-08-15 21:47:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
2011-08-15 21:47:38 ----D---- C:\Program Files\Symantec
2011-08-15 21:47:38 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-15 21:47:38 ----A---- C:\windows\system32\S32EVNT1.DLL
2011-08-15 21:47:38 ----A---- C:\windows\system32\drivers\SYMEVENT.SYS
2011-08-15 21:47:12 ----D---- C:\windows\system32\drivers\N360
2011-08-15 21:47:11 ----D---- C:\Program Files\Norton 360
2011-08-15 21:47:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2011-08-15 21:46:58 ----D---- C:\Program Files\NortonInstaller
2011-08-10 18:33:54 ----HDC---- C:\windows\$NtUninstallKB2567680$
2011-08-10 18:33:14 ----HDC---- C:\windows\$NtUninstallKB2536276-v2$
2011-08-10 18:33:09 ----HDC---- C:\windows\$NtUninstallKB2570222$
2011-08-10 18:23:08 ----HDC---- C:\windows\$NtUninstallKB2566454$
2011-08-10 18:23:01 ----HDC---- C:\windows\$NtUninstallKB2562937$
2011-08-05 21:11:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2011-08-05 21:11:01 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\Ubisoft
2011-07-28 21:38:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Anti-phishing Domain Advisor
2011-07-28 21:38:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\EmailNotifier
2011-07-28 21:38:41 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\wbtooltb
2011-07-28 21:38:38 ----D---- C:\Program Files\wbtooltb
2011-07-28 21:38:34 ----D---- C:\Program Files\Yontoo Layers Runtime
2011-07-28 21:38:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
2011-07-26 18:02:55 ----A---- C:\windows\system32\drivers\pccsmcfd.sys
2011-07-26 18:02:45 ----D---- C:\Program Files\PC Connectivity Solution
2011-07-26 18:02:16 ----A---- C:\windows\system32\drivers\nmwcdnsuc.sys
2011-07-26 18:02:16 ----A---- C:\windows\system32\drivers\nmwcdnsu.sys
2011-07-26 18:02:15 ----A---- C:\windows\system32\drivers\usbser_lowerfltj.sys
2011-07-26 18:02:14 ----A---- C:\windows\system32\drivers\usbser_lowerflt.sys
2011-07-26 18:02:13 ----A---- C:\windows\system32\drivers\ccdcmbo.sys
2011-07-26 18:02:12 ----A---- C:\windows\system32\drivers\ccdcmb.sys
2011-07-26 17:58:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2011-07-22 10:14:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\TomTom
2011-07-22 10:11:22 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\TomTom
2011-07-22 10:11:16 ----D---- C:\Program Files\TomTom International B.V
2011-07-22 10:10:52 ----D---- C:\Program Files\TomTom HOME 2

======List of files/folders modified in the last 1 month======

2011-08-19 19:30:57 ----D---- C:\windows\Temp
2011-08-19 19:30:11 ----RD---- C:\Program Files
2011-08-19 19:25:51 ----SHD---- C:\System Volume Information
2011-08-19 19:23:10 ----A---- C:\windows\SchedLgU.Txt
2011-08-19 19:10:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2011-08-19 18:52:28 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-08-19 17:57:23 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\Skype
2011-08-19 17:49:02 ----D---- C:\WINDOWS
2011-08-19 14:05:25 ----D---- C:\windows\Prefetch
2011-08-18 23:02:26 ----D---- C:\windows\system32\CatRoot2
2011-08-18 19:27:40 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\ICQ
2011-08-18 16:32:24 ----SHD---- C:\windows\Installer
2011-08-18 14:42:44 ----D---- C:\Program Files\Mozilla Firefox
2011-08-18 11:27:09 ----D---- C:\windows\system32
2011-08-17 20:23:24 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-08-16 19:21:21 ----HD---- C:\windows\inf
2011-08-16 16:23:45 ----D---- C:\windows\system32\drivers
2011-08-16 16:21:10 ----DC---- C:\windows\system32\DRVSTORE
2011-08-16 16:17:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2011-08-15 21:47:38 ----D---- C:\Program Files\Common Files
2011-08-15 21:47:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-08-15 18:12:39 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\GeoGet
2011-08-15 13:19:14 ----A---- C:\windows\system32\TURegOpt.exe
2011-08-11 15:37:06 ----D---- C:\windows\system32\CatRoot
2011-08-10 23:52:32 ----D---- C:\windows\Help
2011-08-10 23:52:09 ----RSHDC---- C:\windows\system32\dllcache
2011-08-10 23:52:01 ----D---- C:\Program Files\NVIDIA Corporation
2011-08-10 23:51:54 ----D---- C:\windows\system32\ReinstallBackups
2011-08-10 19:18:02 ----RSD---- C:\windows\assembly
2011-08-10 19:18:02 ----D---- C:\windows\Microsoft.NET
2011-08-10 18:36:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-08-10 18:35:53 ----D---- C:\windows\WinSxS
2011-08-10 18:33:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-08-10 18:33:18 ----A---- C:\windows\imsins.BAK
2011-08-10 18:33:14 ----HD---- C:\windows\$hf_mig$
2011-08-10 18:28:42 ----A---- C:\windows\system32\MRT.exe
2011-08-10 18:23:28 ----D---- C:\Program Files\Internet Explorer
2011-08-10 18:23:16 ----D---- C:\windows\ie8updates
2011-08-09 18:34:48 ----D---- C:\windows\Minidump
2011-08-05 21:07:54 ----D---- C:\windows\system32\DirectX
2011-08-05 21:00:32 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-03 13:49:00 ----A---- C:\windows\system32\OpenCL.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvwddi.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvsvc32.exe
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvoglnt.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvmctray.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvgenco32.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvdispco32.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvcuvid.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvcuvenc.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvcuda.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvcpl.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvcompiler.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvcolor.exe
2011-08-03 13:49:00 ----A---- C:\windows\system32\nvapi.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\nv4_disp.dll
2011-08-03 13:49:00 ----A---- C:\windows\system32\easyupdatusapiu.dll
2011-07-28 21:38:42 ----D---- C:\Documents and Settings\Ajfel\Data aplikací\Mozilla
2011-07-27 22:36:25 ----A---- C:\windows\NeroDigital.ini
2011-07-26 18:03:25 ----D---- C:\Program Files\Common Files\Nokia
2011-07-26 18:03:00 ----D---- C:\Program Files\Nokia
2011-07-26 18:02:34 ----D---- C:\windows\system32\drivers\UMDF
2011-07-25 17:08:54 ----A---- C:\windows\system32\mshtml.dll
2011-07-21 21:33:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2011-07-21 21:32:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nokia

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\windows\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-01-21 691696]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\N360\0501000.01D\SYMDS.SYS [2011-01-27 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS [2011-03-15 744568]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\windows\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110812.001\BHDrvx86.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\windows\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\windows\system32\drivers\N360\0501000.01D\SRTSPX.SYS [2011-03-31 50168]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\N360\0501000.01D\Ironx86.SYS [2010-11-16 136312]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\windows\System32\Drivers\N360\0501000.01D\SYMTDI.SYS [2011-03-22 369784]
R2 DgiVecp;Team MFP Comm Driver; C:\windows\System32\Drivers\DgiVecp.sys [2003-07-29 40448]
R2 eamon;eamon; C:\windows\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\windows\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 26600]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110818.030\IDSxpx86.sys []
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110819.007\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110819.007\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2011-08-03 12542592]
R3 ossrv;Creative OS Services Driver; C:\windows\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P17;Sound Blaster Audigy; C:\windows\system32\drivers\P17.sys [2005-07-07 1389056]
R3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\windows\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 SRTSP;Symantec Real Time Storage Protection; C:\windows\System32\Drivers\N360\0501000.01D\SRTSP.SYS [2011-03-31 516216]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT.SYS []
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 ack4qze6;ack4qze6; C:\windows\system32\drivers\ack4qze6.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SYMFW;Symantec Network Filter Driver; \??\C:\windows\system32\drivers\N360\0300000.086\SYMFW.SYS []
S3 SYMIDS;Symantec Network Filter Driver; \??\C:\windows\system32\drivers\N360\0300000.086\SYMIDS.SYS []
S3 SYMNDIS;Symantec Network Filter Driver; \??\C:\windows\system32\drivers\N360\0300000.086\SYMNDIS.SYS []
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\windows\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Active@ Disk Monitor;Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [2009-09-02 1127944]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvsvc32.exe [2011-08-03 146024]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2011-04-06 66872]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2010-12-21 987704]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2010-12-21 399416]
R2 SoundService1;Sound service; C:\Program Files\Phone spy 93\SoundService.exe [2008-09-02 556544]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-08-15 1526080]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 wxpdrivers;wxpdrivers; C:\Documents and Settings\Ajfel\Local Settings\Temporary Internet Files\Content.IE5\VMSLDLFU\Flash-Player[1].exe [2011-08-19 1215488]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: Log.txt

Posted: 19 Aug 2011 22:14
by Roli
Hello, first of all keep only one antivirus on the PC.

Fix this in HJT:

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="c:\nvidia\displaydriver\195.62\winxp\english\PhysX_9.09.0814_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1757981266-838170752-725345543-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')


You will find HJT here:

C:\Program Files\trend micro\Ajfel.exe

Fix means that you run HJT,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a box, which you tick,

then click Fix checked at the bottom left,

the program will ask whether you really want to do this; you of course agree with YES, and it is done.


Via Start >> Run >> type services.msc >> OK. Find the service:

wxpdrivers

right-click it, choose Properties, on the next tab first stop the service with the Stop button, and under Startup type select Disabled.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making a backup, which CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!