Browser crashes on FB

Posted: 09 Nov 2011 15:10
by dady64sk
Hello,
observed symptoms - the browser crashes while browsing FB (FF 3.6.20, but also MSIE, which I tried for the first time in years)
- a few days ago I upgraded AVG from version 9.0 to AVG 2012; it raised several alerts, today -> Resident Shield findings
"Infekce";"Objekt";"Výsledek";"Čas nálezu";"Typ objektu";"Proces"
"Nalezen virus Win32/Heur";"e:\System Volume Information\_restore{DFF683EE-A6F8-4EBC-B1D8-3C1974B51129}\RP1588\A0202475.exe";"Objekt je nedostupný.";"9.11.2011, 11:38:23";"Soubor";"E:\WINDOWS\system32\svchost.exe"
"Nalezen virus Win32/Heur";"e:\System Volume Information\_restore{DFF683EE-A6F8-4EBC-B1D8-3C1974B51129}\RP1588\A0202475.exe";"Přesunuto do Virového trezoru";"9.11.2011, 11:22:06";"Soubor";"E:\WINDOWS\system32\svchost.exe"
"Trojský kůň Generic17.AHDM";"e:\System Volume Information\_restore{DFF683EE-A6F8-4EBC-B1D8-3C1974B51129}\RP1588\A0202474.exe";"Přesunuto do Virového trezoru";"7.11.2011, 14:22:49";"Soubor";"E:\WINDOWS\system32\svchost.exe"

I am attaching the log from RSIT and asking for advice; thank you


Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2011-11-09 14:47:24
Systém Microsoft Windows XP Professional Service Pack 2
System drive E: has 4 GB (18%) free of 22 GB
Total RAM: 1536 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:46, on 9.11.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\PROGRA~1\AVG\AVG2012\avgrsx.exe
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
E:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.exe
E:\Program Files\AVG\AVG2012\avgwdsvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\system32\PrintCtrl.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
E:\Program Files\AVG\AVG2012\avgnsx.exe
E:\Program Files\AVG\AVG2012\avgemcx.exe
E:\Program Files\Canon\CAL\CALMAIN.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\htpatch.exe
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\PrintDisp.exe
E:\Program Files\AVG\AVG2012\avgtray.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\Program Files\Microsoft Office\Office\1029\msoffice.exe
E:\Program Files\Skype\Plugin Manager\skypePM.exe
E:\totalcmd\TOTALCMD.EXE
X:\software\antivir\RSIT.exe
E:\Program Files\trend micro\User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files\Freecorder\prxtbFre0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files\Freecorder\prxtbFre0.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [HTpatch] E:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [PrintDisp] E:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "E:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunOnce: [DeleteEngineAfterUpdate] reg DELETE HKCU\Software\ConduitEngine /f
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: Dropbox.lnk = E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Dropbox.lnk = E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Stiahni polozku pomocou Net Transport - E:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Stiahni vsetky polozky cez Net Transport - E:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .swf: E:\Program Files\Netscape\Communicator\Program\PLUGINS\NPSWF32.dll
O15 - Trusted Zone: http://www.applian.com
O15 - Trusted Zone: http://izgard.cenia.cz
O15 - Trusted Zone: http://*.czshare.com
O15 - Trusted Zone: http://www.facebook.com
O15 - Trusted Zone: *.enviro.gov.sk
O15 - Trusted Zone: http://www.katasterportal.sk
O15 - Trusted Zone: http://www.podnemapy.sk
O15 - Trusted Zone: http://*.podnemapy.sk
O15 - Trusted Zone: http://www.post.sk
O15 - Trusted Zone: http://www.radiosamson.cz
O15 - Trusted Zone: *.sazp.sk
O15 - Trusted Zone: www.slsp.sk
O15 - Trusted Zone: www.turistickamapa.sk
O15 - Trusted IP range: http://195.28.70.134
O15 - Trusted IP range: 192.168.233.101
O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://192.168.233.101/cab/OCXChecker_6110.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5F8C7B1-E411-48C2-A754-A9F5AF2EFB2E}: NameServer = 192.168.110.99,192.168.110.100,195.146.128.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE0D91B7-709A-4F6C-88AD-9F640E3333E5}: NameServer = 192.168.110.99,192.168.110.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ArcGIS License Manager - Unknown owner - E:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - E:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 11048 bytes

=========Mozilla firefox=========

ProfilePath - E:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\msdzf5jr.default

prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2, {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.9, {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1865, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.20"

"jqs@sun.com"=E:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=E:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=E:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=E:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2303]
"Description"=RealMedia Plugin
"Path"=E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1465]
"Description"=RealPlayer Version Plugin
"Path"=E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

E:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
inspector-cmdline.js
inspector.dll
inspector.xpt
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

E:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
nprpjplug.dll
NPSVG3.dll
NPSVG3.zip
nsIQTScriptablePlugin.xpt

E:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

E:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\msdzf5jr.default\extensions\
elemhidehelper@adblockplus.org
{1392b8d2-5c05-419f-a8f6-b9f15a596612}
{1650a312-02bc-40ee-977e-83f158701739}
{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
{34274bf4-1d97-a289-e984-17e546307e4f}
{46868735-c3fa-47ce-8ce7-cce51a66aceb}
{6e84150a-d526-41f1-a480-a67d3fed910d}
{71328583-3CA7-4809-B4BA-570A85818FBB}
{73a6fe31-595d-460b-a920-fcc0f8843232}
{909409b9-2e3b-4682-a5d1-71ca80a76456}
{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{dc572301-7619-498c-a57d-39143191b318}
{FF380879-E2AA-4E2D-A348-99B9CBD7D3C0}

E:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\msdzf5jr.default\searchplugins\
siteadvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-06-06 64928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - E:\Program Files\Freecorder\prxtbFre0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - E:\Program Files\AVG\AVG2012\avgssie.dll [2011-10-14 1360736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - E:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2004-07-19 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-22 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - E:\Program Files\Freecorder\prxtbFre0.dll [2011-05-09 176936]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"=E:\WINDOWS\htpatch.exe [2002-10-30 28672]
"UnlockerAssistant"=E:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"PrintDisp"=E:\WINDOWS\system32\PrintDisp.exe [2009-08-21 878080]
"Adobe ARM"=E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"AVG_TRAY"=E:\Program Files\AVG\AVG2012\avgtray.exe [2011-10-24 2415456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=E:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"DeleteEngineAfterUpdate"=reg DELETE HKCU\Software\ConduitEngine /f []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
E:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2006-01-12 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Budík]
C:\Ado\My Data\privat\BUDIK104\Budik.exe [2000-01-10 1497600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
E:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
E:\WINDOWS\System32\ctfmon.exe [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
E:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KUGHGZXAKT]
E:\DOCUME~1\User\LOCALS~1\Temp\Qzd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
E:\WINDOWS\System32\NvCpl.dll [2003-11-17 3022848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
E:\WINDOWS\System32\NVMCTRAY.DLL [2003-11-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
E:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
E:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
E:\Program Files\Java\jre6\bin\jusched.exe [2009-06-22 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
E:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
E:\PROGRA~1\Adobe\ACROBA~1.0CE\Distillr\AcroTray.exe [2001-03-15 49254]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
E:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-02-15 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
E:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-01-15 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
E:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

E:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - E:\Program Files\Microsoft Office\Office\OSA9.EXE

E:\Documents and Settings\User\Start Menu\Programs\Startup
Dropbox.lnk - E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-05-09 52224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xB1000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\GetRight\getright.exe"="E:\Program Files\GetRight\getright.exe:*:Enabled:GetRight® www.getright.com"
"E:\Program Files\WinHTTrack\WinHTTrack.exe"="E:\Program Files\WinHTTrack\WinHTTrack.exe:*:Disabled:WinHTTrack Website Copier, Web Site mirroring for professional and private purposes"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Program Files\Windows Media Player\wmplayer.exe"="E:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"E:\Program Files\Internet Explorer\iexplore.exe"="E:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\wincmd\WINCMD32.EXE"="C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows"
"E:\Program Files\VideoLAN\VLC\vlc.exe"="E:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"E:\Program Files\Java\jre1.5.0_01\bin\javaw.exe"="E:\Program Files\Java\jre1.5.0_01\bin\javaw.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary"
"X:\Download\_rapget141\rapget.exe"="X:\Download\_rapget141\rapget.exe:*:Enabled:rapget"
"E:\Program Files\AVG\AVG8\avgam.exe"="E:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"E:\Program Files\AVG\AVG8\avgdiag.exe"="E:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"E:\Program Files\AVG\AVG8\avgdiagex.exe"="E:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"E:\Program Files\AVG\AVG8\avgemc.exe"="E:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"E:\Program Files\AVG\AVG8\avgupd.exe"="E:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"E:\Program Files\AVG\AVG8\avgnsx.exe"="E:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"E:\Program Files\Mozilla Thunderbird\thunderbird.exe"="E:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"E:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe"="E:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe:*:Enabled:Adobe Acrobat 7.0"
"E:\Program Files\Java\jre6\bin\javaw.exe"="E:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Java\jre6\bin\java.exe"="E:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Adobe\Acrobat 7.0\Acrobat\plug_ins\PaperCapture\Server\Roman\capserve.exe"="E:\Program Files\Adobe\Acrobat 7.0\Acrobat\plug_ins\PaperCapture\Server\Roman\capserve.exe:*:Enabled:Adobe Acrobat Capture Server"
"E:\Program Files\Bonjour\mDNSResponder.exe"="E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="E:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"E:\Program Files\ArcGIS\Bin\ArcMap.exe"="E:\Program Files\ArcGIS\Bin\ArcMap.exe:*:Disabled:ArcMap"
"E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe"="E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"E:\Program Files\AVG\AVG2012\avgmfapx.exe"="E:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"E:\Program Files\AVG\AVG2012\avgnsx.exe"="E:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"E:\Program Files\AVG\AVG2012\avgdiagex.exe"="E:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"E:\Program Files\AVG\AVG2012\avgemcx.exe"="E:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=iyvu9_32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL
"vidc.DIVX"=divx.dll
"VIDC.WMV3"=E:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll
"MSVideo8"=VfWWDM32.dll
"vidc.yv12"=divx.dll
"vidc.xvid"=xvidvfw.dll
"vidc.ffds"=E:\PROGRA~1\COMBIN~1\Filters\ff_vfw.dll
"vidc.X264"=x264vfw.dll
"vidc.vp60"=vp6vfw.dll
"vidc.vp61"=vp6vfw.dll
"vidc.vp62"=vp6vfw.dll
"vidc.hfyu"=huffyuv.dll
"msacm.ac3acm"=AC3ACM.acm
"msacm.at3"=atrac3.acm
"msacm.divxa32"=DivXa32.acm
"msacm.lameacm"=LameACM.acm
"vidc.iv50"=E:\WINDOWS\ir50_32.dll
"msacm.iac2"=E:\WINDOWS\system32\iac25_32.ax
"vidc.iv41"=ir41_32.ax
"vidc.mpg4"=E:\WINDOWS\mpg4c32.dll
"vidc.mpg2"=E:\WINDOWS\mpg4c32.dll
"vidc.mpg3"=E:\WINDOWS\mpg4c32.dll
"vidc.GEOX"=E:\WINDOWS\system32\GeoCodec.dll
"vidc.MJPG"=E:\WINDOWS\m3jpeg32.dll
"vidc.dmb1"=E:\WINDOWS\m3jpeg32.dll
"vidc.GM20"=E:\WINDOWS\system32\GXGM20.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.ini - open - "E:\Program Files\NoteTab Light\NoteTab.exe" "%1"
.txt - open - "E:\Program Files\NoteTab Light\NoteTab.exe" "%1"

======List of files/folders created in the last 1 month======

2011-11-03 14:45:10 ----D---- E:\Documents and Settings\User\Application Data\AVG2012
2011-11-03 14:42:47 ----D---- E:\WINDOWS\system32\drivers\AVG
2011-11-03 14:42:47 ----D---- E:\Documents and Settings\All Users\Application Data\AVG2012
2011-11-03 14:22:43 ----D---- E:\Documents and Settings\All Users\Application Data\MFAData

======List of files/folders modified in the last 1 month======

2011-11-09 14:47:31 ----D---- E:\WINDOWS\Prefetch
2011-11-09 14:47:31 ----D---- E:\Program Files\trend micro
2011-11-09 14:43:53 ----D---- E:\Documents and Settings\User\Application Data\Skype
2011-11-09 13:25:17 ----D---- E:\Documents and Settings\User\Application Data\PriceGong
2011-11-09 13:23:00 ----D---- E:\Program Files\Freecorder
2011-11-09 13:20:49 ----D---- E:\Program Files\ConduitEngine
2011-11-09 12:52:49 ----D---- E:\Program Files\Mozilla Thunderbird
2011-11-09 11:22:05 ----D---- E:\WINDOWS\Temp
2011-11-09 08:59:50 ----A---- E:\WINDOWS\wincmd.ini
2011-11-09 07:52:36 ----D---- E:\WINDOWS\system32\CatRoot2
2011-11-09 07:36:38 ----D---- E:\Documents and Settings\User\Application Data\Dropbox
2011-11-07 15:46:50 ----A---- E:\WINDOWS\SchedLgU.Txt
2011-11-07 08:05:16 ----D---- E:\Documents and Settings\User\Application Data\skypePM
2011-11-07 07:48:03 ----D---- E:\WINDOWS
2011-11-04 09:11:51 ----SHD---- E:\WINDOWS\Installer
2011-11-04 09:10:57 ----RSHDC---- E:\WINDOWS\system32\dllcache
2011-11-04 09:10:43 ----D---- E:\WINDOWS\system32
2011-11-04 09:08:20 ----D---- E:\WINDOWS\system32\drivers
2011-11-04 09:08:20 ----D---- E:\WINDOWS\inf
2011-11-03 14:35:48 ----D---- E:\Documents and Settings\All Users\Application Data\avg9
2011-11-03 14:35:00 ----D---- E:\Program Files\AVG
2011-11-03 14:34:41 ----D---- E:\WINDOWS\WinSxS
2011-11-03 13:33:56 ----AC---- E:\WINDOWS\M3JPEG.INI
2011-11-02 15:43:42 ----AC---- E:\WINDOWS\system32\PerfStringBackup.INI
2011-10-27 15:17:50 ----AC---- E:\WINDOWS\NeroDigital.ini
2011-10-19 13:37:32 ----D---- E:\Program Files\The KMPlayer
2011-10-18 09:51:31 ----D---- E:\Program Files\Mozilla Firefox
2011-10-11 14:44:34 ----D---- E:\Program Files\Name It

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; E:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; E:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 BTHidEnum;Bluetooth HID Enumerator; E:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; E:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 sisagp;SiS AGP Filter; E:\WINDOWS\System32\DRIVERS\SISAGPX.sys [2002-10-31 30848]
R0 SiSide;SiSide; E:\WINDOWS\System32\DRIVERS\siside.sys [2002-10-21 6016]
R0 sisidex;sisidex; E:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; E:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
R1 AFS2K;AFS2k; E:\WINDOWS\system32\drivers\AFS2K.sys [2005-01-12 82380]
R1 Avgldx86;AVG AVI Loader Driver; E:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; E:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; E:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 BANTExt;Belarc SMBios Access; E:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 intelppm;Intel Processor Driver; E:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R2 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 Sentinel;Sentinel; E:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R3 aeaudio;aeaudio; E:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AVGIDSDriver;AVGIDSDriver; E:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; E:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; E:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 BlueletAudio;Bluetooth Audio Service; E:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; E:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; E:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; E:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
R3 ElbyCDFL;ElbyCDFL; E:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 nv;nv; E:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-11-17 1618939]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
R3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; E:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; E:\WINDOWS\System32\DRIVERS\sisnic.sys [2002-07-10 32256]
R3 smwdm;smwdm; E:\WINDOWS\system32\drivers\smwdm.sys [2002-12-05 534976]
R3 usbscan;USB Scanner Driver; E:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;USB Mass Storage Driver; E:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VComm;Virtual Serial port driver; E:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; E:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S2 713xTVCard;SAA7130 TV Card; E:\WINDOWS\System32\DRIVERS\SAA713x.sys [2005-03-15 277504]
S2 PfModNT;PfModNT; \??\E:\WINDOWS\System32\PfModNT.sys []
S3 Andbus;LGE Android Platform Composite USB Device; E:\WINDOWS\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; E:\WINDOWS\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; E:\WINDOWS\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; E:\WINDOWS\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 androidusb;ADB Interface Driver; E:\WINDOWS\System32\Drivers\lgandadb.sys [2010-08-02 25728]
S3 Bridge;MAC Bridge; E:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BridgeMP;MAC Bridge Miniport; E:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BTNetFilter;Bluetooth Network Filter; \??\E:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 Cap7134;Philips WDM Video Capture; E:\WINDOWS\System32\DRIVERS\Cap7134.sys [2003-03-07 348160]
S3 CCDECODE;Closed Caption Decoder; E:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FlyPCI;FlyPCI; \??\E:\PROGRA~1\FLY200~1\FlyPCI.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM); E:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-05-11 52384]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; E:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-05-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; E:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-05-11 77072]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 s1317bus;Sony Ericsson Device 1317 driver (WDM); E:\WINDOWS\system32\DRIVERS\s1317bus.sys [2007-10-31 83840]
S3 s1317mdfl;Sony Ericsson Device 1317 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\s1317mdfl.sys [2007-10-31 14976]
S3 s1317mdm;Sony Ericsson Device 1317 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\s1317mdm.sys [2007-10-31 110592]
S3 s1317mgmt;Sony Ericsson Device 1317 USB WMC Device Management Drivers (WDM); E:\WINDOWS\system32\DRIVERS\s1317mgmt.sys [2007-10-31 104448]
S3 s1317nd5;Sony Ericsson Device 1317 USB Ethernet Emulation SEMC1317 (NDIS); E:\WINDOWS\system32\DRIVERS\s1317nd5.sys [2007-10-31 25472]
S3 s1317obex;Sony Ericsson Device 1317 USB WMC OBEX Interface; E:\WINDOWS\system32\DRIVERS\s1317obex.sys [2007-10-31 100608]
S3 s1317unic;Sony Ericsson Device 1317 USB Ethernet Emulation SEMC1317 (WDM); E:\WINDOWS\system32\DRIVERS\s1317unic.sys [2007-10-31 109952]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); E:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; E:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; E:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; E:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-05-09 40704]
S3 WSTCODEC;World Standard Teletext Codec; E:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ArcGIS License Manager;ArcGIS License Manager; E:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe [1999-12-01 467968]
R2 AVGIDSAgent;AVGIDSAgent; E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; E:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; E:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CCALib8;Canon Camera Access Library 8; E:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2009-06-22 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; E:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\System32\nvsvc32.exe [2003-11-17 77824]
R2 Printer Control;Printer Control; E:\WINDOWS\system32\PrintCtrl.exe [2009-06-16 77824]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 Adobe LM Service;Adobe LM Service; E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-02-14 69632]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-22 654848]
S3 gusvc;Google Updater Service; E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-05-09 823808]

-----------------EOF-----------------

Re: browser crashes on FB

Posted: 09 Nov 2011 16:27
by chodnik74
Hello :welcome:

:arrow: Do you insist on the AVG antivirus? :roll: We don't much recommend it here. Reasons: weaker detection, high system load, and it causes quite a few problems. I recommend replacing it with Avast, MSE or Avira (English-language).


:arrow: I recommend uninstalling Spybot - Search & Destroy, because its best years are behind it and it is no longer that effective against new threats. I recommend replacing it with SUPERAntispyware, which you should use roughly once every 14 days as a preventive scan alongside your AV :)

:arrow: Update to SP3 and IE 8

We'd better take a closer look for malware :)


:arrow: Malwarebytes' Anti-Malware
  • Download, install and run it (if you're not sure how, click HERE)
  • Select Full scan (Úplná kontrola) and click the Scan (Prohledat) button
  • The program will scan the computer, and at the end a message will appear saying the scan has finished; confirm it with the OK button
  • A log will appear; paste it here for me
  • DO NOT DELETE ANYTHING!! The program sometimes produces false detections, so we will delete only after consultation :twisted:

Re: browser crashes on FB

Posted: 10 Nov 2011 08:14
by dady64sk
it's on a work computer, we have AVG purchased through the company; over years of use I've been as satisfied with it as with any other AV (I've tried Avast, NOD, ...)
but there will surely be some connection with the current problem; today I had trouble even downloading MBAM, I had to disable AVG so that the browser wouldn't crash
so far I've only done a quick scan
---------------------------------
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verzia databázy: 8129

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

10.11.2011 8:05:52
mbam-log-2011-11-10 (08-05-52).txt

Typ kontroly: Rýchla kontrola
Objektov kontrolovaných: 211717
Uplynutý čas: 11 min, 21 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0
Infikované služby pamäte:(Škodlivé položky neboli zistené)
Infikované moduly pamäte:(Škodlivé položky neboli zistené)
Infikované registračné kľúče:(Škodlivé položky neboli zistené)
Infikované registračné hodnoty:(Škodlivé položky neboli zistené)
Infikované položky registračných dát:(Škodlivé položky neboli zistené)
Infikované priečinky:(Škodlivé položky neboli zistené)
Infikované súbory:(Škodlivé položky neboli zistené)
-------------------------------------------------
starting the full one, that will take a while...

Re: browser crashes on FB

Posted: 10 Nov 2011 08:24
by chodnik74
A work PC?.. read the forum rules..

Forum rules: no. 1 and no. 2, no. 3

Re: browser crashes on FB

Posted: 10 Nov 2011 09:06
by dady64sk
my apologies for that :(
if we had an IT specialist, or spare money for a service shop, I wouldn't be dealing with this...
pls - can we at least finish this case?
---------
ps - I already looked in the past into how to support the forum from Slovakia, but the only option is still PayPal, which is probably the worst of all possible ones :(

Re: browser crashes on FB

Posted: 10 Nov 2011 10:46
by dady64sk
log:

Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Verzia databázy: 8129

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

10.11.2011 10:39:04
mbam-log-2011-11-10 (10-38-58).txt

Typ kontroly: Úplná kontrola (E:\|)
Objektov kontrolovaných: 338283
Uplynutý čas: 2 hod, 23 min, 14 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 1

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
e:\program files\virtual dub\vd_1.6.4_build_23174.exe (PUP.Perflogger) -> No action taken.
------------------------

ps - during the scan AVG also threw up a message (I had AVG temporarily disabled, but that isn't possible for longer than 15 min)
[image]

Re: browser crashes on FB

Posted: 10 Nov 2011 13:50
by chodnik74
I'll consult with my colleagues about whether help can be provided to you, but I'm not guaranteeing anything...

Support works from Slovakia too: http://www.viry.cz/forum/viewtopic.php?f=7&t=78175

Re: browser crashes on FB

Posted: 10 Nov 2011 14:19
by chodnik74
After consulting, I'll finish your case, for the last time...

Have the found items deleted..
Clean the PC following this guide: http://www.viry.cz/forum/viewtopic.php?f=46&t=47040


How is the computer behaving?

Re: browser crashes on FB

Posted: 10 Nov 2011 15:11
by dady64sk
thank you;
suspicious file deleted, restore points removed;

as for the computer:
1. MBAM kept popping up a message every so often - Successfully blocked an attempt by a potentially unwanted site ... 89.28.89.214 or 85.17.159.77 (maybe others too, but these two I wrote down)
Type: outgoing

2. I found that with 99.99% certainty the browser crashing problem is caused by AVG 2012; I had to temporarily turn off protection to be able to download MBAM at all
I then tried browsing various sites, Facebook among them -> fine with protection off; as soon as I turned it on, Firefox crashed

Re: browser crashes on FB

Posted: 10 Nov 2011 15:14
by chodnik74
You may have it blocked somehow at the company level.. Unfortunately you'll have to tell your company and write to AVG support.. blocking outgoing stuff is normal with MBAM.. I wouldn't leave it running in real time.. :) only as a scanner...

Re: browser crashes on FB

Posted: 10 Nov 2011 15:27
by dady64sk
nope, there's no company-level site blocking here :all_coholic:
and the problem appeared only a few days after the AVG upgrade from v.9 to v.2012
that's why the computer's behaviour surprised me; had it done this right away, the connection would have been obvious to me

so - any further steps? uninstall MBAM?

Re: browser crashes on FB

Posted: 10 Nov 2011 15:39
by chodnik74
You can uninstall MBAM and post a current RSIT log for me, but if you insist on AVG (because of the company), you'll have to write to their support.. ;-)

Re: browser crashes on FB

Posted: 10 Nov 2011 15:56
by dady64sk
current RSIT log:
--------------------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2011-11-10 15:54:32
Systém Microsoft Windows XP Professional Service Pack 2
System drive E: has 5 GB (21%) free of 22 GB
Total RAM: 1536 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:54:55, on 10.11.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\PROGRA~1\AVG\AVG2012\avgrsx.exe
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
E:\Program Files\AVG\AVG2012\avgwdsvc.exe
E:\Program Files\Bonjour\mDNSResponder.exe
E:\Program Files\Java\jre6\bin\jqs.exe
E:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.exe
E:\Program Files\Common Files\LightScribe\LSSrvc.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\WINDOWS\system32\PrintCtrl.exe
E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\AVG\AVG2012\avgnsx.exe
E:\Program Files\AVG\AVG2012\avgemcx.exe
E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
E:\Program Files\Canon\CAL\CALMAIN.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\AVG\AVG2012\avgcsrvx.exe
E:\WINDOWS\htpatch.exe
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\WINDOWS\system32\PrintDisp.exe
E:\Program Files\AVG\AVG2012\avgtray.exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
E:\Program Files\Microsoft Office\Office\1029\msoffice.exe
E:\Program Files\Skype\Plugin Manager\skypePM.exe
E:\totalcmd\TOTALCMD.EXE
X:\software\antivir\RSIT.exe
E:\Program Files\trend micro\User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Freecorder - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files\Freecorder\prxtbFre0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - E:\Program Files\Freecorder\prxtbFre0.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [HTpatch] E:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [PrintDisp] E:\WINDOWS\system32\PrintDisp.exe
O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "E:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - S-1-5-18 Startup: Dropbox.lnk = E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Dropbox.lnk = E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://E:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download with GetRight - E:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - E:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Stiahni polozku pomocou Net Transport - E:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: Stiahni vsetky polozky cez Net Transport - E:\Program Files\Xi\NetTransport 2\NTAddList.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - E:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .swf: E:\Program Files\Netscape\Communicator\Program\PLUGINS\NPSWF32.dll
O15 - Trusted Zone: http://www.applian.com
O15 - Trusted Zone: http://izgard.cenia.cz
O15 - Trusted Zone: http://*.czshare.com
O15 - Trusted Zone: http://www.facebook.com
O15 - Trusted Zone: *.enviro.gov.sk
O15 - Trusted Zone: http://www.katasterportal.sk
O15 - Trusted Zone: http://www.podnemapy.sk
O15 - Trusted Zone: http://*.podnemapy.sk
O15 - Trusted Zone: http://www.post.sk
O15 - Trusted Zone: http://www.radiosamson.cz
O15 - Trusted Zone: *.sazp.sk
O15 - Trusted Zone: www.slsp.sk
O15 - Trusted Zone: www.turistickamapa.sk
O15 - Trusted IP range: http://195.28.70.134
O15 - Trusted IP range: 192.168.233.101
O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} (OCXDownloadChecker Control) - http://192.168.233.101/cab/OCXChecker_6110.cab
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.5.0_01) -
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5F8C7B1-E411-48C2-A754-A9F5AF2EFB2E}: NameServer = 192.168.110.99,192.168.110.100,195.146.128.60
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE0D91B7-709A-4F6C-88AD-9F640E3333E5}: NameServer = 192.168.110.99,192.168.110.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - E:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ArcGIS License Manager - Unknown owner - E:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - E:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - E:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - E:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - E:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Printer Control - ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM - E:\WINDOWS\system32\PrintCtrl.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 10874 bytes

=========Mozilla firefox=========

ProfilePath - E:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\msdzf5jr.default

prefs.js - "browser.startup.homepage" - "about:blank"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2, {71328583-3CA7-4809-B4BA-570A85818FBB}:0.6.3, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.0.9, {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5, {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14, {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2, {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1865, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"

"jqs@sun.com"=E:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=E:\Program Files\AVG\AVG2012\Firefox4\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=E:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=E:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2303]
"Description"=RealMedia Plugin
"Path"=E:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1465]
"Description"=RealPlayer Version Plugin
"Path"=E:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=E:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

E:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

E:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
inspector-cmdline.js
inspector.dll
inspector.xpt
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsJSRealPlayerPlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

E:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
nppdf32.dll
nppl3260.dll
nprpjplug.dll
NPSVG3.dll
NPSVG3.zip
nsIQTScriptablePlugin.xpt

E:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

E:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\msdzf5jr.default\extensions\
elemhidehelper@adblockplus.org
{1392b8d2-5c05-419f-a8f6-b9f15a596612}
{1650a312-02bc-40ee-977e-83f158701739}
{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
{34274bf4-1d97-a289-e984-17e546307e4f}
{46868735-c3fa-47ce-8ce7-cce51a66aceb}
{6e84150a-d526-41f1-a480-a67d3fed910d}
{71328583-3CA7-4809-B4BA-570A85818FBB}
{73a6fe31-595d-460b-a920-fcc0f8843232}
{909409b9-2e3b-4682-a5d1-71ca80a76456}
{a0faa0a4-f1a7-4098-9a74-21efc3a92372}
{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{dc572301-7619-498c-a57d-39143191b318}
{FF380879-E2AA-4E2D-A348-99B9CBD7D3C0}

E:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\msdzf5jr.default\searchplugins\
siteadvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-06-06 64928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
Freecorder Toolbar - E:\Program Files\Freecorder\prxtbFre0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - E:\Program Files\AVG\AVG2012\avgssie.dll [2011-10-14 1360736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}]
NTIECatcher Class - E:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [2004-07-19 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - E:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-22 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - E:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - E:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]
{1392b8d2-5c05-419f-a8f6-b9f15a596612} - Freecorder Toolbar - E:\Program Files\Freecorder\prxtbFre0.dll [2011-05-09 176936]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"=E:\WINDOWS\htpatch.exe [2002-10-30 28672]
"UnlockerAssistant"=E:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"PrintDisp"=E:\WINDOWS\system32\PrintDisp.exe [2009-08-21 878080]
"Adobe ARM"=E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"AVG_TRAY"=E:\Program Files\AVG\AVG2012\avgtray.exe [2011-10-24 2415456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=E:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
E:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2006-01-12 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Budík]
C:\Ado\My Data\privat\BUDIK104\Budik.exe [2000-01-10 1497600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
E:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2005-05-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
E:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
E:\WINDOWS\System32\ctfmon.exe [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
E:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
E:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
E:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KUGHGZXAKT]
E:\DOCUME~1\User\LOCALS~1\Temp\Qzd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
E:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
E:\WINDOWS\System32\NvCpl.dll [2003-11-17 3022848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
E:\WINDOWS\System32\NVMCTRAY.DLL [2003-11-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
E:\Program Files\QuickTime\qttask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
E:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
E:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-17 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
E:\Program Files\Java\jre6\bin\jusched.exe [2009-06-22 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
E:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
E:\PROGRA~1\Adobe\ACROBA~1.0CE\Distillr\AcroTray.exe [2001-03-15 49254]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
E:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-02-15 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
E:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-01-15 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
E:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

E:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - E:\Program Files\Microsoft Office\Office\OSA9.EXE

E:\Documents and Settings\User\Start Menu\Programs\Startup
Dropbox.lnk - E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\WPDShServiceObj.dll [2006-05-09 52224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xB1000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\Program Files\GetRight\getright.exe"="E:\Program Files\GetRight\getright.exe:*:Enabled:GetRight® www.getright.com"
"E:\Program Files\WinHTTrack\WinHTTrack.exe"="E:\Program Files\WinHTTrack\WinHTTrack.exe:*:Disabled:WinHTTrack Website Copier, Web Site mirroring for professional and private purposes"
"E:\Program Files\Mozilla Firefox\firefox.exe"="E:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"E:\Program Files\Windows Media Player\wmplayer.exe"="E:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"E:\Program Files\Internet Explorer\iexplore.exe"="E:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\wincmd\WINCMD32.EXE"="C:\wincmd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit international version, file manager replacement for Windows"
"E:\Program Files\VideoLAN\VLC\vlc.exe"="E:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"E:\Program Files\Java\jre1.5.0_01\bin\javaw.exe"="E:\Program Files\Java\jre1.5.0_01\bin\javaw.exe:*:Disabled:Java(TM) 2 Platform Standard Edition binary"
"X:\Download\_rapget141\rapget.exe"="X:\Download\_rapget141\rapget.exe:*:Enabled:rapget"
"E:\Program Files\AVG\AVG8\avgam.exe"="E:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"E:\Program Files\AVG\AVG8\avgdiag.exe"="E:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"E:\Program Files\AVG\AVG8\avgdiagex.exe"="E:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"E:\Program Files\AVG\AVG8\avgemc.exe"="E:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"E:\Program Files\AVG\AVG8\avgupd.exe"="E:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"E:\Program Files\AVG\AVG8\avgnsx.exe"="E:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"E:\Program Files\Mozilla Thunderbird\thunderbird.exe"="E:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"E:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe"="E:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe:*:Enabled:Adobe Acrobat 7.0"
"E:\Program Files\Java\jre6\bin\javaw.exe"="E:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Java\jre6\bin\java.exe"="E:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Program Files\Adobe\Acrobat 7.0\Acrobat\plug_ins\PaperCapture\Server\Roman\capserve.exe"="E:\Program Files\Adobe\Acrobat 7.0\Acrobat\plug_ins\PaperCapture\Server\Roman\capserve.exe:*:Enabled:Adobe Acrobat Capture Server"
"E:\Program Files\Bonjour\mDNSResponder.exe"="E:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="E:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"E:\Program Files\ArcGIS\Bin\ArcMap.exe"="E:\Program Files\ArcGIS\Bin\ArcMap.exe:*:Disabled:ArcMap"
"E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe"="E:\Documents and Settings\User\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"E:\Program Files\AVG\AVG2012\avgmfapx.exe"="E:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"E:\Program Files\AVG\AVG2012\avgnsx.exe"="E:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"E:\Program Files\AVG\AVG2012\avgdiagex.exe"="E:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"E:\Program Files\AVG\AVG2012\avgemcx.exe"="E:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"E:\Program Files\Skype\Phone\Skype.exe"="E:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=iyvu9_32.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL
"vidc.DIVX"=divx.dll
"VIDC.WMV3"=E:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll
"MSVideo8"=VfWWDM32.dll
"vidc.yv12"=divx.dll
"vidc.xvid"=xvidvfw.dll
"vidc.ffds"=E:\PROGRA~1\COMBIN~1\Filters\ff_vfw.dll
"vidc.X264"=x264vfw.dll
"vidc.vp60"=vp6vfw.dll
"vidc.vp61"=vp6vfw.dll
"vidc.vp62"=vp6vfw.dll
"vidc.hfyu"=huffyuv.dll
"msacm.ac3acm"=AC3ACM.acm
"msacm.at3"=atrac3.acm
"msacm.divxa32"=DivXa32.acm
"msacm.lameacm"=LameACM.acm
"vidc.iv50"=E:\WINDOWS\ir50_32.dll
"msacm.iac2"=E:\WINDOWS\system32\iac25_32.ax
"vidc.iv41"=ir41_32.ax
"vidc.mpg4"=E:\WINDOWS\mpg4c32.dll
"vidc.mpg2"=E:\WINDOWS\mpg4c32.dll
"vidc.mpg3"=E:\WINDOWS\mpg4c32.dll
"vidc.GEOX"=E:\WINDOWS\system32\GeoCodec.dll
"vidc.MJPG"=E:\WINDOWS\m3jpeg32.dll
"vidc.dmb1"=E:\WINDOWS\m3jpeg32.dll
"vidc.GM20"=E:\WINDOWS\system32\GXGM20.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.ini - open - "E:\Program Files\NoteTab Light\NoteTab.exe" "%1"
.txt - open - "E:\Program Files\NoteTab Light\NoteTab.exe" "%1"

======List of files/folders created in the last 1 month======

2011-11-03 14:45:10 ----D---- E:\Documents and Settings\User\Application Data\AVG2012
2011-11-03 14:42:47 ----D---- E:\WINDOWS\system32\drivers\AVG
2011-11-03 14:42:47 ----D---- E:\Documents and Settings\All Users\Application Data\AVG2012
2011-11-03 14:22:43 ----D---- E:\Documents and Settings\All Users\Application Data\MFAData

======List of files/folders modified in the last 1 month======

2011-11-10 15:54:47 ----D---- E:\WINDOWS\system32\CatRoot2
2011-11-10 15:54:41 ----D---- E:\Program Files\trend micro
2011-11-10 15:54:15 ----A---- E:\WINDOWS\wincmd.ini
2011-11-10 15:51:37 ----D---- E:\Documents and Settings\User\Application Data\Dropbox
2011-11-10 15:51:32 ----D---- E:\WINDOWS\Temp
2011-11-10 15:50:03 ----RD---- E:\Program Files
2011-11-10 15:49:37 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2011-11-10 15:48:33 ----A---- E:\WINDOWS\SchedLgU.Txt
2011-11-10 15:48:16 ----D---- E:\WINDOWS\system32\drivers
2011-11-10 15:47:12 ----D---- E:\Documents and Settings\User\Application Data\Skype
2011-11-10 14:50:28 ----D---- E:\WINDOWS\Prefetch
2011-11-10 14:49:38 ----A---- E:\Documents and Settings\User\Application Data\ntl.ini
2011-11-10 14:40:40 ----D---- E:\Program Files\Virtual dub
2011-11-10 08:02:07 ----D---- E:\Documents and Settings\User\Application Data\skypePM
2011-11-10 07:45:45 ----D---- E:\Program Files\Mozilla Firefox
2011-11-10 07:40:41 ----D---- E:\Documents and Settings\User\Application Data\PriceGong
2011-11-10 07:34:29 ----D---- E:\Program Files\Spybot - Search & Destroy
2011-11-10 07:34:28 ----D---- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-11-10 07:28:15 ----D---- E:\Program Files\Mozilla Thunderbird
2011-11-09 13:23:00 ----D---- E:\Program Files\Freecorder
2011-11-07 07:48:03 ----D---- E:\WINDOWS
2011-11-04 09:11:51 ----SHD---- E:\WINDOWS\Installer
2011-11-04 09:10:57 ----RSHDC---- E:\WINDOWS\system32\dllcache
2011-11-04 09:10:43 ----D---- E:\WINDOWS\system32
2011-11-04 09:08:20 ----D---- E:\WINDOWS\inf
2011-11-03 14:35:48 ----D---- E:\Documents and Settings\All Users\Application Data\avg9
2011-11-03 14:35:00 ----D---- E:\Program Files\AVG
2011-11-03 14:34:41 ----D---- E:\WINDOWS\WinSxS
2011-11-03 13:33:56 ----AC---- E:\WINDOWS\M3JPEG.INI
2011-11-02 15:43:42 ----AC---- E:\WINDOWS\system32\PerfStringBackup.INI
2011-10-27 15:17:50 ----AC---- E:\WINDOWS\NeroDigital.ini
2011-10-19 13:37:32 ----D---- E:\Program Files\The KMPlayer
2011-10-11 14:44:34 ----D---- E:\Program Files\Name It

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; E:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; E:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 BTHidEnum;Bluetooth HID Enumerator; E:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; E:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 sisagp;SiS AGP Filter; E:\WINDOWS\System32\DRIVERS\SISAGPX.sys [2002-10-31 30848]
R0 SiSide;SiSide; E:\WINDOWS\System32\DRIVERS\siside.sys [2002-10-21 6016]
R0 sisidex;sisidex; E:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; E:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-04-11 82944]
R1 AFS2K;AFS2k; E:\WINDOWS\system32\drivers\AFS2K.sys [2005-01-12 82380]
R1 Avgldx86;AVG AVI Loader Driver; E:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; E:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; E:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 BANTExt;Belarc SMBios Access; E:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 intelppm;Intel Processor Driver; E:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-03 36096]
R2 ElbyCDIO;ElbyCDIO Driver; E:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-04-22 8064]
R2 Sentinel;Sentinel; E:\WINDOWS\System32\Drivers\SENTINEL.SYS [2004-05-14 76288]
R3 aeaudio;aeaudio; E:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AVGIDSDriver;AVGIDSDriver; E:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; E:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; E:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 BlueletAudio;Bluetooth Audio Service; E:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; E:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; E:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; E:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
R3 ElbyCDFL;ElbyCDFL; E:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 nv;nv; E:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-11-17 1618939]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; E:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
R3 rtl8029;Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver; E:\WINDOWS\System32\DRIVERS\RTL8029.SYS [2001-08-17 19017]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; E:\WINDOWS\System32\DRIVERS\sisnic.sys [2002-07-10 32256]
R3 smwdm;smwdm; E:\WINDOWS\system32\drivers\smwdm.sys [2002-12-05 534976]
R3 usbscan;USB Scanner Driver; E:\WINDOWS\System32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;USB Mass Storage Driver; E:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 VComm;Virtual Serial port driver; E:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; E:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S2 713xTVCard;SAA7130 TV Card; E:\WINDOWS\System32\DRIVERS\SAA713x.sys [2005-03-15 277504]
S2 PfModNT;PfModNT; \??\E:\WINDOWS\System32\PfModNT.sys []
S3 Andbus;LGE Android Platform Composite USB Device; E:\WINDOWS\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; E:\WINDOWS\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; E:\WINDOWS\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; E:\WINDOWS\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 androidusb;ADB Interface Driver; E:\WINDOWS\System32\Drivers\lgandadb.sys [2010-08-02 25728]
S3 Bridge;MAC Bridge; E:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BridgeMP;MAC Bridge Miniport; E:\WINDOWS\System32\DRIVERS\bridge.sys [2004-08-03 71552]
S3 BTNetFilter;Bluetooth Network Filter; \??\E:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 Cap7134;Philips WDM Video Capture; E:\WINDOWS\System32\DRIVERS\Cap7134.sys [2003-03-07 348160]
S3 CCDECODE;Closed Caption Decoder; E:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FlyPCI;FlyPCI; \??\E:\PROGRA~1\FLY200~1\FlyPCI.sys []
S3 k600bus;Sony Ericsson 600i driver (WDM); E:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-05-11 52384]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; E:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-05-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; E:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-05-11 77072]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\System32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 s1317bus;Sony Ericsson Device 1317 driver (WDM); E:\WINDOWS\system32\DRIVERS\s1317bus.sys [2007-10-31 83840]
S3 s1317mdfl;Sony Ericsson Device 1317 USB WMC Modem Filter; E:\WINDOWS\system32\DRIVERS\s1317mdfl.sys [2007-10-31 14976]
S3 s1317mdm;Sony Ericsson Device 1317 USB WMC Modem Driver; E:\WINDOWS\system32\DRIVERS\s1317mdm.sys [2007-10-31 110592]
S3 s1317mgmt;Sony Ericsson Device 1317 USB WMC Device Management Drivers (WDM); E:\WINDOWS\system32\DRIVERS\s1317mgmt.sys [2007-10-31 104448]
S3 s1317nd5;Sony Ericsson Device 1317 USB Ethernet Emulation SEMC1317 (NDIS); E:\WINDOWS\system32\DRIVERS\s1317nd5.sys [2007-10-31 25472]
S3 s1317obex;Sony Ericsson Device 1317 USB WMC OBEX Interface; E:\WINDOWS\system32\DRIVERS\s1317obex.sys [2007-10-31 100608]
S3 s1317unic;Sony Ericsson Device 1317 USB Ethernet Emulation SEMC1317 (WDM); E:\WINDOWS\system32\DRIVERS\s1317unic.sys [2007-10-31 109952]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\System32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); E:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; E:\WINDOWS\System32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; E:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; E:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 Wdf01000;Wdf01000; E:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; E:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-05-09 40704]
S3 WSTCODEC;World Standard Teletext Codec; E:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-04-11 87808]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ArcGIS License Manager;ArcGIS License Manager; E:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe [1999-12-01 467968]
R2 AVGIDSAgent;AVGIDSAgent; E:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; E:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; E:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CCALib8;Canon Camera Access Library 8; E:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 JavaQuickStarterService;Java Quick Starter; E:\Program Files\Java\jre6\bin\jqs.exe [2009-06-22 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; E:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NVSvc;NVIDIA Display Driver Service; E:\WINDOWS\System32\nvsvc32.exe [2003-11-17 77824]
R2 Printer Control;Printer Control; E:\WINDOWS\system32\PrintCtrl.exe [2009-06-16 77824]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; E:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 Adobe LM Service;Adobe LM Service; E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-02-14 69632]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-09-22 654848]
S3 gusvc;Google Updater Service; E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; E:\Program Files\Windows Media Player\WMPNetwk.exe [2006-05-09 823808]

-----------------EOF-----------------

Re: browser crashes on FB

Posted: 10 Nov 2011 16:33
by chodnik74
Run HijackThis:

Code:

E:\Program Files\trend micro\User.exe
(If you cannot find it or do not have it, download it HERE)
  • Next, click the Do a system scan only button
  • Find and check the following items:

    Code:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R3 - Default URLSearchHook is missing
    O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
    O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
    O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    O4 - HKLM\..\Run: [Adobe ARM] "E:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office\OSA9.EXE
    O15 - Trusted Zone: http://www.applian.com
    O15 - Trusted Zone: http://izgard.cenia.cz
    O15 - Trusted Zone: http://*.czshare.com
    O15 - Trusted Zone: http://www.facebook.com
    O15 - Trusted Zone: *.enviro.gov.sk
    O15 - Trusted Zone: http://www.katasterportal.sk
    O15 - Trusted Zone: http://www.podnemapy.sk
    O15 - Trusted Zone: http://*.podnemapy.sk
    O15 - Trusted Zone: http://www.post.sk
    O15 - Trusted Zone: http://www.radiosamson.cz
    O15 - Trusted Zone: *.sazp.sk
    O15 - Trusted Zone: www.slsp.sk
    O15 - Trusted Zone: www.turistickamapa.sk
    O15 - Trusted IP range: http://195.28.70.134
    O15 - Trusted IP range: 192.168.233.101
    
    
  • Click Fix checked and confirm with the Yes button
Open Notepad:
  • (press WIN+R, type "notepad" without the quotes, and press Enter)
  • Paste the following script into it:

    Code:

    Windows Registry Editor Version 5.00
    
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Budík]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CorelDRAW Graphics Suite 11b]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KUGHGZXAKT]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\E:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
    
  • Save the file as oprava.reg (when saving, set Save as type: All Files)
  • Then run this file and confirm :)

TFC
  • Download and run the program
  • Click Start and confirm with OK
  • The program starts cleaning up, then restarts the PC
  • Delete the program after use

Re: browser crashes on FB

Posted: 11 Nov 2011 08:22
by dady64sk
Done as instructed.