Please check my log

icekate
Visitor
Posts: 8
Registered: 21 Sep 2011 17:38

Please check my log

#1 Post by icekate »

Logfile of random's system information tool 1.09 (written by random/random)
Run by u at 2011-09-21 18:45:07
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 224 GB (76%) free of 297 GB
Total RAM: 2814 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:22, on 21.9.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19120)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\u\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\u.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml ... hfmvbL5ZvQ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\users\public\nvsvc32.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICM_UpdaterService Disp (ICM_UpdaterService) - Unknown owner - C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6605 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Norton Security Scan for u.job

=========Mozilla firefox=========

ProfilePath - C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0, {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.3.1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\
askcom.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
inbox-hledat.xml
inbox-hledn.xml
mywebsearch.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
PriceGongBHO Class - C:\Program Files\PriceGong\2.1.0\PriceGongIE.dll [2010-08-18 353656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-10-08 322104]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1537320]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-07-04 3493720]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe start []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NPSStartup"= []
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-08-22 958352]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-08-22 3507088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"NVIDIA driver monitor"=c:\users\public\nvsvc32.exe []
""= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-21 18:45:07 ----D---- C:\rsit
2011-09-21 18:45:07 ----D---- C:\Program Files\trend micro
2011-09-18 05:48:08 ----D---- C:\Temp
2011-09-18 05:35:31 ----A---- C:\Windows\system32\drivers\dgderdrv.sys
2011-09-18 05:35:31 ----A---- C:\Windows\system32\DIFxAPI.dll
2011-09-18 05:35:31 ----A---- C:\Windows\system32\dgderapi.dll
2011-08-24 21:53:19 ----A---- C:\Windows\system32\tzres.dll
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bwhnt.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bwh.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bserd.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bmdm.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bmdfl.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bcmnt.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bcm.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bbus.sys
2011-08-24 00:46:16 ----A---- C:\Windows\system32\FsUsbExService.Exe
2011-08-24 00:46:16 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2011-08-24 00:46:16 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2011-08-23 21:05:16 ----D---- C:\Program Files\Zrychleni Pocitace
2011-08-23 20:31:21 ----A---- C:\Windows\system32\Redemption.dll
2011-08-23 20:30:31 ----D---- C:\Program Files\MarkAny
2011-08-23 20:28:33 ----D---- C:\Users\u\AppData\Roaming\Samsung
2011-08-23 20:28:20 ----D---- C:\ProgramData\Samsung
2011-08-23 20:28:20 ----D---- C:\Program Files\Samsung

======List of files/folders modified in the last 1 month======

2011-09-21 18:45:12 ----D---- C:\Windows\Temp
2011-09-21 18:45:07 ----RD---- C:\Program Files
2011-09-21 18:33:38 ----D---- C:\Windows\Debug
2011-09-21 18:33:38 ----D---- C:\Windows
2011-09-21 18:25:31 ----SHD---- C:\Windows\Installer
2011-09-21 18:25:30 ----SHD---- C:\Config.Msi
2011-09-21 18:25:19 ----SHD---- C:\System Volume Information
2011-09-21 18:19:44 ----HD---- C:\ProgramData
2011-09-21 18:16:30 ----D---- C:\ProgramData\DivX
2011-09-21 18:16:29 ----D---- C:\Program Files\Common Files\PX Storage Engine
2011-09-21 18:16:26 ----D---- C:\Program Files\Common Files
2011-09-21 18:16:14 ----D---- C:\Windows\System32
2011-09-21 18:15:21 ----D---- C:\Windows\Tasks
2011-09-21 18:13:16 ----D---- C:\Windows\system32\catroot2
2011-09-21 16:44:16 ----D---- C:\Windows\inf
2011-09-21 16:44:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-20 23:39:16 ----RSD---- C:\Windows\assembly
2011-09-20 23:39:16 ----D---- C:\Windows\Microsoft.NET
2011-09-18 06:47:49 ----HD---- C:\Program Files\InstallShield Installation Information
2011-09-18 06:47:41 ----D---- C:\Windows\winsxs
2011-09-18 06:16:47 ----D---- C:\Windows\LiveKernelReports
2011-09-18 05:40:22 ----D---- C:\Windows\system32\catroot
2011-09-18 05:35:31 ----D---- C:\Windows\system32\drivers
2011-09-18 05:23:05 ----D---- C:\Program Files\PC Connectivity Solution
2011-09-18 05:22:40 ----D---- C:\ProgramData\NokiaInstallerCache
2011-09-18 05:14:34 ----SD---- C:\Users\u\AppData\Roaming\Microsoft
2011-09-18 03:40:20 ----D---- C:\Program Files\Windows Mail
2011-09-18 03:31:13 ----A---- C:\Windows\system32\mrt.exe
2011-09-14 22:26:31 ----D---- C:\Windows\Prefetch
2011-09-10 18:18:21 ----D---- C:\Program Files\Mozilla Firefox
2011-08-26 10:00:36 ----D---- C:\Windows\rescache
2011-08-25 21:02:23 ----D---- C:\Windows\system32\cs-CZ
2011-08-23 20:33:19 ----D---- C:\Windows\system32\Samsung_USB_Drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-12-20 1093120]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-10-03 222208]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-10 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 212400]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver; C:\Windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 100224]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-02 136176]
S2 ICM_UpdaterService;ICM_UpdaterService Disp; C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-02 136176]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------


:( Thank you in advance for your reply.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#2 Post by vyosek »

Hello, good evening, and welcome to our forum :welcome:

:arrow: You are keeping some vermin in there, so let's deal with it :arcisit:

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY ON RECOMMENDATION, OTHERWISE YOUR SYSTEM MAY BE WRECKED
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator or Spustit jako spravce
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 minutes, but if the PC is heavily clogged, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you will find it at C:\ComboFix.txt; paste its contents here
  • The detailed procedure, including pictures, is here: http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him: that is not a man, that is an ox."
Member since 1 February 2011.

icekate
Visitor
Posts: 8
Registered: 21 Sep 2011 17:38

Re: Please check my log

#3 Post by icekate »

ComboFix 11-09-21.03 - u 21.09.2011 19:59:00.2.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2814.1433 [GMT 2:00]
Spuštěný z: c:\users\u\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\users\u\AppData\Roaming\Local
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\.ddr
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\rbkusunrnrkw.avi.ddp
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\y1pojonbrf4ku.avi.ddp
c:\users\u\AppData\Roaming\Local\Temp\DDM\Settings\y1pojonbrf4ku.avi.ddr
c:\windows\system32\odbcad32.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-21 do 2011-09-21 )))))))))))))))))))))))))))))))
.
.
2011-09-21 18:19 . 2011-09-21 18:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-21 18:19 . 2011-09-21 18:20 -------- d-----w- c:\users\u\AppData\Local\temp
2011-09-21 16:45 . 2011-09-21 16:45 -------- d-----w- C:\rsit
2011-09-21 16:45 . 2011-09-21 16:45 -------- d-----w- c:\program files\trend micro
2011-09-20 19:15 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{967C910E-701E-4973-8977-B19DDEA3B02E}\mpengine.dll
2011-09-18 03:48 . 2011-09-18 03:48 -------- d-----w- C:\Temp
2011-09-18 03:46 . 2011-09-18 03:46 -------- d-----w- c:\users\u\AppData\Local\Samsung
2011-09-18 03:35 . 2011-07-26 15:26 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-09-18 03:35 . 2011-07-26 15:26 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-09-18 03:35 . 2011-07-26 15:26 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2011-09-18 03:14 . 2011-09-18 03:14 118784 ----a-r- c:\users\u\AppData\Roaming\Microsoft\Installer\{0C485220-4029-48E7-9F27-965DA4A78D5E}\NewShortcut1_0C485220402948E79F27965DA4A78D5E.exe
2011-09-18 03:14 . 2011-09-18 03:14 118784 ----a-r- c:\users\u\AppData\Roaming\Microsoft\Installer\{0C485220-4029-48E7-9F27-965DA4A78D5E}\ARPPRODUCTICON.exe
2011-09-15 21:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-08-24 19:53 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 09:50 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-08-24 09:50 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-08-24 09:50 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-08-24 09:50 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-08-24 09:50 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-08-24 09:50 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-08-24 09:50 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-08-24 09:50 . 2010-04-27 02:25 100224 ----a-w- c:\windows\system32\drivers\ss_bserd.sys
2011-08-23 22:46 . 2010-07-04 17:07 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2011-08-23 22:46 . 2010-06-14 07:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2011-08-23 22:46 . 2010-06-14 07:32 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2011-08-23 19:05 . 2011-08-23 22:15 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-08-23 18:31 . 2011-07-26 15:26 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-08-23 18:30 . 2011-08-23 18:30 -------- d-----w- c:\program files\MarkAny
2011-08-23 18:28 . 2011-09-18 04:48 -------- d-----w- c:\users\u\AppData\Roaming\Samsung
2011-08-23 18:28 . 2011-09-18 03:34 -------- d-----w- c:\programdata\Samsung
2011-08-23 18:28 . 2011-09-18 03:33 -------- d-----w- c:\program files\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-14 13:53 . 2011-05-14 21:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-26 15:26 . 2011-07-26 15:26 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-07-26 15:26 . 2011-07-26 15:26 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-07-26 15:26 . 2011-07-26 15:26 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-07-26 15:26 . 2011-07-26 15:26 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-07-26 15:26 . 2011-07-26 15:26 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-07-26 15:26 . 2011-07-26 15:26 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-07-26 15:26 . 2011-07-26 15:26 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-07-26 15:26 . 2011-07-26 15:26 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-07-26 15:26 . 2011-07-26 15:26 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-07-26 15:26 . 2011-07-26 15:26 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-07-26 15:26 . 2011-07-26 15:26 172032 ----a-w- c:\windows\system32\muzapp.exe
2011-07-26 15:26 . 2011-07-26 15:26 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBMC374.tmp
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBM9655.tmp
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBM6B32.tmp
2011-07-26 15:26 . 2011-07-26 15:26 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-07-26 15:26 . 2011-07-26 15:26 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-07-26 15:26 . 2011-07-26 15:26 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-07-26 15:26 . 2011-07-26 15:26 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-07-23 11:04 . 2011-08-09 21:48 916480 ----a-w- c:\windows\system32\wininet.dll
2011-07-23 11:00 . 2011-08-09 21:48 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-23 10:59 . 2011-08-09 21:48 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-23 10:59 . 2011-08-09 21:48 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-07-23 10:59 . 2011-08-09 21:48 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-23 10:03 . 2011-08-09 21:48 385024 ----a-w- c:\windows\system32\html.iec
2011-07-23 09:27 . 2011-08-09 21:48 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-23 09:25 . 2011-08-09 21:48 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-06 15:31 . 2011-08-09 21:48 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-04 11:43 . 2011-05-22 09:18 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-04-17 16:24 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-22 09:18 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-04-17 16:25 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-04-17 16:25 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-04-17 16:25 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-04-17 16:25 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-04-17 16:25 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-10 16:18 . 2011-05-24 22:12 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-02 136176]
R2 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-02 136176]
R3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 100224]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-10 43040]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-02 14:13]
.
2011-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-02 14:13]
.
2011-09-17 c:\windows\Tasks\Norton Security Scan for u.job
- c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2011-01-30 00:27]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZRxdm674YYCZ&ptb=PVG7.QdNS8qKhfmvbL5ZvQ
mStart Page = hxxp://home.sweetim.com
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-DivX Download Manager - c:\program files\DivX\DivX Plus Web Player\DDmService.exe
HKLM-Run-NPSStartup - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-XP Codec Pack - c:\users\u\Desktop\XP Codec Pack\Uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-21 20:20
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-09-21 20:29:23
ComboFix-quarantined-files.txt 2011-09-21 18:28
.
Před spuštěním: Volných bajtů: 234 148 122 624
Po spuštění: Volných bajtů: 234 064 613 376
.
Current=1 Default=1 Failed=0 LastKnownGood=11 Sets=1,2,3,4,5,6,7,8,9,11
- - End Of File - - 63F0AF3C965B910F682DDB69550EBA1A

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#4 Post by vyosek »

:arrow: If it is not there already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    File::
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\Norton Security Scan for u.job
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\askcom.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-1.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-10.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-11.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-12.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-13.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-14.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-15.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-16.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-17.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-18.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-19.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-2.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-3.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-4.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-5.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-6.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-7.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-8.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-9.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.gif
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.src
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\inbox-hledat.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\inbox-hledn.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\mywebsearch.xml
    C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\sweetim.xml
    
    Driver::
    gupdate
    gupdatem
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaMServer"=-
    "NeroFilterCheck"=-
    "NBKeyScan"=-
    "QuickTime Task"=-
    "Adobe ARM"=-
    
    DDS::
    uStart Page = hxxp://home.mywebsearch.com/index.jhtml ... hfmvbL5ZvQ
    mStart Page = hxxp://home.sweetim.com
    
    Firefox::
    FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.2.9&q=
    FF - prefs.js: browser.search.selectedEngine - ICQ Search
    FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.3.1&q=
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    
    AtJob::
    
    FixCSet::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the image below)
    Image
  • After the script has been applied (and after a restart, if there is one), a log will pop up; paste its contents here
:arrow: It may happen that Windows fails to start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member of Image since 1 February 2011.

icekate
Visitor
Visitor
Posts: 8
Registered: 21 Sep 2011 17:38

Re: Please check my log

#5 Post by icekate »

ComboFix 11-09-21.03 - u 21.09.2011 20:46:30.3.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2814.1393 [GMT 2:00]
Spuštěný z: c:\users\u\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\u\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\askcom.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-1.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-10.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-11.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-12.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-13.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-14.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-15.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-16.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-17.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-18.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-19.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-2.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-3.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-4.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-5.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-6.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-7.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-8.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-9.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.gif"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.src"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\inbox-hledat.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\inbox-hledn.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\mywebsearch.xml"
"c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\sweetim.xml"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\Norton Security Scan for u.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\askcom.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-1.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-10.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-11.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-12.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-13.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-14.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-15.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-16.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-17.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-18.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-19.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-2.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-3.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-4.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-5.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-6.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-7.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-8.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin-9.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.gif
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.src
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\icqplugin.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\inbox-hledat.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\inbox-hledn.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\mywebsearch.xml
c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\searchplugins\sweetim.xml
c:\windows\iun6002.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\muzapp.exe
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\Norton Security Scan for u.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-21 do 2011-09-21 )))))))))))))))))))))))))))))))
.
.
2011-09-21 19:04 . 2011-09-21 19:08 -------- d-----w- c:\users\u\AppData\Local\temp
2011-09-21 16:45 . 2011-09-21 16:45 -------- d-----w- C:\rsit
2011-09-21 16:45 . 2011-09-21 16:45 -------- d-----w- c:\program files\trend micro
2011-09-20 19:15 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{967C910E-701E-4973-8977-B19DDEA3B02E}\mpengine.dll
2011-09-18 03:48 . 2011-09-18 03:48 -------- d-----w- C:\Temp
2011-09-18 03:46 . 2011-09-18 03:46 -------- d-----w- c:\users\u\AppData\Local\Samsung
2011-09-18 03:35 . 2011-07-26 15:26 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-09-18 03:35 . 2011-07-26 15:26 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-09-18 03:35 . 2011-07-26 15:26 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2011-09-18 03:14 . 2011-09-18 03:14 118784 ----a-r- c:\users\u\AppData\Roaming\Microsoft\Installer\{0C485220-4029-48E7-9F27-965DA4A78D5E}\NewShortcut1_0C485220402948E79F27965DA4A78D5E.exe
2011-09-18 03:14 . 2011-09-18 03:14 118784 ----a-r- c:\users\u\AppData\Roaming\Microsoft\Installer\{0C485220-4029-48E7-9F27-965DA4A78D5E}\ARPPRODUCTICON.exe
2011-09-15 21:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-08-24 19:53 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 09:50 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-08-24 09:50 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-08-24 09:50 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-08-24 09:50 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-08-24 09:50 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-08-24 09:50 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-08-24 09:50 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-08-24 09:50 . 2010-04-27 02:25 100224 ----a-w- c:\windows\system32\drivers\ss_bserd.sys
2011-08-23 22:46 . 2010-07-04 17:07 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2011-08-23 22:46 . 2010-06-14 07:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2011-08-23 22:46 . 2010-06-14 07:32 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2011-08-23 19:05 . 2011-08-23 22:15 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-08-23 18:31 . 2011-07-26 15:26 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-08-23 18:30 . 2011-08-23 18:30 -------- d-----w- c:\program files\MarkAny
2011-08-23 18:28 . 2011-09-18 04:48 -------- d-----w- c:\users\u\AppData\Roaming\Samsung
2011-08-23 18:28 . 2011-09-18 03:34 -------- d-----w- c:\programdata\Samsung
2011-08-23 18:28 . 2011-09-18 03:33 -------- d-----w- c:\program files\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-14 13:53 . 2011-05-14 21:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-26 15:26 . 2011-07-26 15:26 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-07-26 15:26 . 2011-07-26 15:26 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-07-26 15:26 . 2011-07-26 15:26 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-07-26 15:26 . 2011-07-26 15:26 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-07-26 15:26 . 2011-07-26 15:26 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-07-26 15:26 . 2011-07-26 15:26 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-07-26 15:26 . 2011-07-26 15:26 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-07-26 15:26 . 2011-07-26 15:26 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-07-26 15:26 . 2011-07-26 15:26 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-07-26 15:26 . 2011-07-26 15:26 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-07-26 15:26 . 2011-07-26 15:26 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBMC374.tmp
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBM9655.tmp
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBM6B32.tmp
2011-07-26 15:26 . 2011-07-26 15:26 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-07-26 15:26 . 2011-07-26 15:26 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-07-26 15:26 . 2011-07-26 15:26 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-07-26 15:26 . 2011-07-26 15:26 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-07-23 11:04 . 2011-08-09 21:48 916480 ----a-w- c:\windows\system32\wininet.dll
2011-07-23 11:00 . 2011-08-09 21:48 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-23 10:59 . 2011-08-09 21:48 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-23 10:59 . 2011-08-09 21:48 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-07-23 10:59 . 2011-08-09 21:48 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-23 10:03 . 2011-08-09 21:48 385024 ----a-w- c:\windows\system32\html.iec
2011-07-23 09:27 . 2011-08-09 21:48 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-23 09:25 . 2011-08-09 21:48 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-06 15:31 . 2011-08-09 21:48 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-04 11:43 . 2011-05-22 09:18 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-04-17 16:24 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-22 09:18 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-04-17 16:25 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-04-17 16:25 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-04-17 16:25 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-04-17 16:25 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-04-17 16:25 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-10 16:18 . 2011-05-24 22:12 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 100224]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-10 43040]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Celkový čas: 2011-09-21 21:16:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-21 19:14
ComboFix2.txt 2011-09-21 18:29
.
Před spuštěním: Volných bajtů: 235 053 580 288
Po spuštění: Volných bajtů: 234 829 078 528
.
- - End Of File - - D01462AC66432E68006889CB6DC40A41

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#6 Post by vyosek »

How is the PC behaving? :???:
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

icekate
Visitor
Posts: 8
Joined: 21 Sep 2011 17:38

Re: Please check my log

#7 Post by icekate »

After the last step no browser would start; just as you wrote, a restart helped.
I have sent the log, and for now I am not working on the computer or doing anything with it...
What should I try?

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#8 Post by vyosek »

:arrow: I assume it said something about an invalid attempt at an operation on a key, or something like that, right...

:arrow: Apply one more script, same procedure, then post the log here. If the situation repeats, just restart the PC; don't press anything, simply restart.

Code:

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"NeroFilterCheck"=-

Reboot::

:arrow: Let me know whether there are any problems and whether the PC runs as it should

icekate
Visitor
Posts: 8
Joined: 21 Sep 2011 17:38

Re: Please check my log

#9 Post by icekate »

After the last step the message about the key appeared again; a restart helped, but the PC is noticeably faster.
I am sending the latest log.


ComboFix 11-09-21.03 - u 21.09.2011 22:04:33.4.1 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2814.1923 [GMT 2:00]
Spuštěný z: c:\users\u\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\u\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-21 do 2011-09-21 )))))))))))))))))))))))))))))))
.
.
2011-09-21 20:14 . 2011-09-21 20:21 -------- d-----w- c:\users\u\AppData\Local\temp
2011-09-21 20:14 . 2011-09-21 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-21 16:45 . 2011-09-21 16:45 -------- d-----w- C:\rsit
2011-09-21 16:45 . 2011-09-21 16:45 -------- d-----w- c:\program files\trend micro
2011-09-20 19:15 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{967C910E-701E-4973-8977-B19DDEA3B02E}\mpengine.dll
2011-09-18 03:48 . 2011-09-18 03:48 -------- d-----w- C:\Temp
2011-09-18 03:46 . 2011-09-18 03:46 -------- d-----w- c:\users\u\AppData\Local\Samsung
2011-09-18 03:35 . 2011-07-26 15:26 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-09-18 03:35 . 2011-07-26 15:26 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-09-18 03:35 . 2011-07-26 15:26 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2011-09-18 03:14 . 2011-09-18 03:14 118784 ----a-r- c:\users\u\AppData\Roaming\Microsoft\Installer\{0C485220-4029-48E7-9F27-965DA4A78D5E}\NewShortcut1_0C485220402948E79F27965DA4A78D5E.exe
2011-09-18 03:14 . 2011-09-18 03:14 118784 ----a-r- c:\users\u\AppData\Roaming\Microsoft\Installer\{0C485220-4029-48E7-9F27-965DA4A78D5E}\ARPPRODUCTICON.exe
2011-09-15 21:28 . 2011-08-10 12:14 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2011-09-05 17:04 . 2011-09-05 17:04 183696 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-08-24 19:53 . 2011-07-11 13:25 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-24 09:50 . 2010-04-27 02:25 98432 ----a-w- c:\windows\system32\drivers\ss_bbus.sys
2011-08-24 09:50 . 2010-04-27 02:25 14848 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys
2011-08-24 09:50 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys
2011-08-24 09:50 . 2010-04-27 02:25 12416 ----a-w- c:\windows\system32\drivers\ss_bcm.sys
2011-08-24 09:50 . 2010-04-27 02:25 123648 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys
2011-08-24 09:50 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys
2011-08-24 09:50 . 2010-04-27 02:25 12288 ----a-w- c:\windows\system32\drivers\ss_bwh.sys
2011-08-24 09:50 . 2010-04-27 02:25 100224 ----a-w- c:\windows\system32\drivers\ss_bserd.sys
2011-08-23 22:46 . 2010-07-04 17:07 238952 ----a-w- c:\windows\system32\FsUsbExService.Exe
2011-08-23 22:46 . 2010-06-14 07:32 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys
2011-08-23 22:46 . 2010-06-14 07:32 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll
2011-08-23 19:05 . 2011-08-23 22:15 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-08-23 18:31 . 2011-07-26 15:26 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-08-23 18:30 . 2011-08-23 18:30 -------- d-----w- c:\program files\MarkAny
2011-08-23 18:28 . 2011-09-18 04:48 -------- d-----w- c:\users\u\AppData\Roaming\Samsung
2011-08-23 18:28 . 2011-09-18 03:34 -------- d-----w- c:\programdata\Samsung
2011-08-23 18:28 . 2011-09-18 03:33 -------- d-----w- c:\program files\Samsung
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-14 13:53 . 2011-05-14 21:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-26 15:26 . 2011-07-26 15:26 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-07-26 15:26 . 2011-07-26 15:26 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-07-26 15:26 . 2011-07-26 15:26 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-07-26 15:26 . 2011-07-26 15:26 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-07-26 15:26 . 2011-07-26 15:26 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-07-26 15:26 . 2011-07-26 15:26 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-07-26 15:26 . 2011-07-26 15:26 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-07-26 15:26 . 2011-07-26 15:26 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-07-26 15:26 . 2011-07-26 15:26 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-07-26 15:26 . 2011-07-26 15:26 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-07-26 15:26 . 2011-07-26 15:26 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-07-26 15:26 . 2011-07-26 15:26 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-07-26 15:26 . 2011-07-26 15:26 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-07-26 15:26 . 2011-07-26 15:26 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-07-26 15:26 . 2011-07-26 15:26 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBMC374.tmp
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBM9655.tmp
2011-07-26 15:26 . 2011-07-26 15:26 14336 ----a-w- c:\windows\system32\TBM6B32.tmp
2011-07-26 15:26 . 2011-07-26 15:26 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-07-26 15:26 . 2011-07-26 15:26 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-07-26 15:26 . 2011-07-26 15:26 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-07-26 15:26 . 2011-07-26 15:26 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-07-26 15:26 . 2011-07-26 15:26 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-07-23 11:04 . 2011-08-09 21:48 916480 ----a-w- c:\windows\system32\wininet.dll
2011-07-23 11:00 . 2011-08-09 21:48 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-07-23 10:59 . 2011-08-09 21:48 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-07-23 10:59 . 2011-08-09 21:48 71680 ----a-w- c:\windows\system32\iesetup.dll
2011-07-23 10:59 . 2011-08-09 21:48 109056 ----a-w- c:\windows\system32\iesysprep.dll
2011-07-23 10:03 . 2011-08-09 21:48 385024 ----a-w- c:\windows\system32\html.iec
2011-07-23 09:27 . 2011-08-09 21:48 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2011-07-23 09:25 . 2011-08-09 21:48 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-06 15:31 . 2011-08-09 21:48 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-04 11:43 . 2011-05-22 09:18 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-04-17 16:24 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-05-22 09:18 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2010-04-17 16:25 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-04-17 16:25 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-04-17 16:25 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-04-17 16:25 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-04-17 16:25 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-10 16:18 . 2011-05-24 22:12 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 100224]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-10 43040]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-21 22:18
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\system32\conime.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2011-09-21 22:28:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-21 20:28
ComboFix2.txt 2011-09-21 19:16
ComboFix3.txt 2011-09-21 18:29
.
Před spuštěním: Volných bajtů: 234 741 039 104
Po spuštění: Volných bajtů: 234 614 198 272
.
- - End Of File - - 5EE74E61C3E61551C115089E4E24E7FE
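
A check for the CFScript from post #8, as an added example that is not part of the thread or of ComboFix: it parses the registry blocks of the ComboFix logs taken before and after the script and confirms that the two `Run` values marked `=-` are gone and that nothing else in that key changed. The excerpts are copied from this page and shortened to the `Run` keys; the function names are assumptions of this example.

```python
import re

RUN_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\run"

# CFScript from post #8 (copied from this page).
CFSCRIPT = r'''
KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"NeroFilterCheck"=-

Reboot::
'''

# Run-key excerpts from the ComboFix logs before and after that script
# (copied from this page, shortened to the two Run keys).
LOG_BEFORE = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
'''

LOG_AFTER = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-10-08 322104]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-18 1537320]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-08-22 958352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-08-22 3507088]
.
'''

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<data>.*)$')


def parse_registry_blocks(text):
    """Return {key_lower: {name_casefolded: (name, data)}} for each [HKEY_...] block.

    Key and value names are case-insensitive in the registry, so both are folded.
    """
    blocks, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = blocks.setdefault(key.group(1).lower(), {})
        elif line in ('', '.'):          # ComboFix ends a block with a lone dot
            current = None
        elif current is not None:
            value = VALUE_RE.match(line)
            if value:
                current[value.group('name').casefold()] = (
                    value.group('name'), value.group('data'))
    return blocks


def script_deletions(cfscript):
    """Value names the script asks to delete ("name"=-), grouped by key."""
    return {key: {cf: name for cf, (name, data) in values.items()
                  if data.strip() == '-'}
            for key, values in parse_registry_blocks(cfscript).items()}


def verify_script_effect(before_log, after_log, cfscript):
    """Compare both logs against the script, key by key."""
    before = parse_registry_blocks(before_log)
    after = parse_registry_blocks(after_log)
    report = {}
    for key, wanted in script_deletions(cfscript).items():
        b, a = before.get(key, {}), after.get(key, {})
        report[key] = {
            'removed_as_requested': sorted(
                wanted[n] for n in wanted if n in b and n not in a),
            'still_present': sorted(wanted[n] for n in wanted if n in a),
            'unexpected_removed': sorted(
                b[n][0] for n in b if n not in a and n not in wanted),
            'unexpected_added': sorted(a[n][0] for n in a if n not in b),
        }
    return report


if __name__ == '__main__':
    for key, result in verify_script_effect(LOG_BEFORE, LOG_AFTER, CFSCRIPT).items():
        print(key)
        for label, names in result.items():
            print(f'  {label}: {names}')
```

A non-empty `still_present` list means the script did not take effect; anything under `unexpected_added` or `unexpected_removed` is a change to the key that the script did not ask for.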

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#10 Post by vyosek »

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • Click Scan for Issues
  • Then Fix Issues - I recommend making a registry backup; fix all the issues
  • Repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: Please post a new RSIT log and tell me how our patient is behaving, and whether everything is OK now

icekate
Visitor
Posts: 8
Joined: 21 Sep 2011 17:38

Re: Please check my log

#11 Post by icekate »

The patient runs much faster, and I am sending the latest log :wink:



Logfile of random's system information tool 1.09 (written by random/random)
Run by u at 2011-09-21 23:58:43
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 224 GB (75%) free of 297 GB
Total RAM: 2814 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:59:04, on 21.9.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19120)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\u\Desktop\CLEAN\RSIT.exe
C:\Program Files\trend micro\u.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: ICM_UpdaterService Disp (ICM_UpdaterService) - Unknown owner - C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5154 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0, {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\meu6rco4.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-10-08 322104]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-18 1537320]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-08-22 958352]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-08-22 3507088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.ffds"=ffdshow.ax
"msacm.ac3filter"=ac3filter.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-09-21 23:16:49 ----D---- C:\ProgramData\Spybot - Search & Destroy
2011-09-21 23:16:49 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-09-21 23:13:33 ----AD---- C:\ProgramData\TEMP
2011-09-21 23:13:22 ----A---- C:\Windows\system32\MSSTDFMT.DLL
2011-09-21 23:13:21 ----D---- C:\Program Files\SpywareBlaster
2011-09-21 23:00:07 ----D---- C:\rsit
2011-09-21 22:43:07 ----SD---- C:\32788R22FWJFW
2011-09-21 22:27:37 ----SHD---- C:\$RECYCLE.BIN
2011-09-21 22:14:34 ----D---- C:\Windows\temp
2011-09-21 19:35:30 ----D---- C:\Windows\ERDNT
2011-09-21 18:45:07 ----D---- C:\Program Files\trend micro
2011-09-18 05:48:08 ----D---- C:\Temp
2011-09-18 05:35:31 ----A---- C:\Windows\system32\drivers\dgderdrv.sys
2011-09-18 05:35:31 ----A---- C:\Windows\system32\DIFxAPI.dll
2011-09-18 05:35:31 ----A---- C:\Windows\system32\dgderapi.dll
2011-08-24 21:53:19 ----A---- C:\Windows\system32\tzres.dll
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bwhnt.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bwh.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bserd.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bmdm.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bmdfl.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bcmnt.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bcm.sys
2011-08-24 11:50:44 ----A---- C:\Windows\system32\drivers\ss_bbus.sys
2011-08-24 00:46:16 ----A---- C:\Windows\system32\FsUsbExService.Exe
2011-08-24 00:46:16 ----A---- C:\Windows\system32\FsUsbExDisk.Sys
2011-08-24 00:46:16 ----A---- C:\Windows\system32\FsUsbExDevice.Dll
2011-08-23 21:05:16 ----D---- C:\Program Files\Zrychleni Pocitace
2011-08-23 20:31:21 ----A---- C:\Windows\system32\Redemption.dll
2011-08-23 20:30:31 ----D---- C:\Program Files\MarkAny
2011-08-23 20:28:33 ----D---- C:\Users\u\AppData\Roaming\Samsung
2011-08-23 20:28:20 ----D---- C:\ProgramData\Samsung
2011-08-23 20:28:20 ----D---- C:\Program Files\Samsung

======List of files/folders modified in the last 1 month======

2011-09-21 23:21:48 ----D---- C:\Windows\system32\drivers\etc
2011-09-21 23:16:49 ----RD---- C:\Program Files
2011-09-21 23:16:49 ----D---- C:\ProgramData
2011-09-21 23:13:22 ----D---- C:\Windows\System32
2011-09-21 22:56:45 ----D---- C:\Windows
2011-09-21 22:43:17 ----D---- C:\Windows\system32\drivers
2011-09-21 22:19:12 ----A---- C:\Windows\system.ini
2011-09-21 22:17:44 ----D---- C:\Windows\system32\WDI
2011-09-21 22:09:40 ----D---- C:\Windows\AppPatch
2011-09-21 22:09:38 ----D---- C:\Program Files\Common Files
2011-09-21 21:04:43 ----D---- C:\Windows\system32\config
2011-09-21 21:03:47 ----D---- C:\Windows\Tasks
2011-09-21 18:33:38 ----D---- C:\Windows\Debug
2011-09-21 18:25:31 ----SHD---- C:\Windows\Installer
2011-09-21 18:25:30 ----D---- C:\Config.Msi
2011-09-21 18:25:19 ----SHD---- C:\System Volume Information
2011-09-21 18:16:30 ----D---- C:\ProgramData\DivX
2011-09-21 18:16:29 ----D---- C:\Program Files\Common Files\PX Storage Engine
2011-09-21 18:13:16 ----D---- C:\Windows\system32\catroot2
2011-09-21 16:44:16 ----D---- C:\Windows\inf
2011-09-21 16:44:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-20 23:39:16 ----RSD---- C:\Windows\assembly
2011-09-20 23:39:16 ----D---- C:\Windows\Microsoft.NET
2011-09-18 06:47:49 ----HD---- C:\Program Files\InstallShield Installation Information
2011-09-18 06:47:41 ----D---- C:\Windows\winsxs
2011-09-18 06:16:47 ----D---- C:\Windows\LiveKernelReports
2011-09-18 05:40:22 ----D---- C:\Windows\system32\catroot
2011-09-18 05:23:05 ----D---- C:\Program Files\PC Connectivity Solution
2011-09-18 05:22:40 ----D---- C:\ProgramData\NokiaInstallerCache
2011-09-18 05:14:34 ----SD---- C:\Users\u\AppData\Roaming\Microsoft
2011-09-18 03:40:20 ----D---- C:\Program Files\Windows Mail
2011-09-18 03:31:13 ----A---- C:\Windows\system32\mrt.exe
2011-09-14 22:26:31 ----D---- C:\Windows\Prefetch
2011-09-10 18:18:21 ----D---- C:\Program Files\Mozilla Firefox
2011-08-26 10:00:36 ----D---- C:\Windows\rescache
2011-08-25 21:02:23 ----D---- C:\Windows\system32\cs-CZ
2011-08-23 20:33:19 ----D---- C:\Windows\system32\Samsung_USB_Drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-07-04 43608]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-12-20 1093120]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-10-03 222208]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-10 43040]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-18 212400]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver; C:\Windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-04-27 100224]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2010-07-04 238952]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ICM_UpdaterService;ICM_UpdaterService Disp; C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe []
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#12 Post by vyosek »

The log now looks clean as well :)
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

icekate
Visitor
Posts: 8
Registered: 21 Sep 2011 17:38

Re: Please check my log

#13 Post by icekate »

Thank you very much :worship:
You are great :idea:
:thumbsup:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#14 Post by vyosek »

You're welcome :) glad I could help :worship:

icekate
Visitor
Posts: 8
Registered: 21 Sep 2011 17:38

Re: Please check my log

#15 Post by icekate »

One more little problem, please :?:
Since yesterday's cleanup, the antivirus program stays turned off after I switch on the PC.... :shock:
I have to turn it on manually :(
