zasekanej noťas, pravděpodobně havěť...

[korkis]

Zdravíčko, mám poslední dobou nějak moc zasekanej noťas, když koukám na nějaký to videjko online, tak se to děsně hryže a noťas nezvládá dělat několik úkonů v jednu chvíli.... kolikrát mám až několika minutovou odezvu... takže prosím o kontrolu logu předtím než to fláknu z okna ven


Logfile of random's system information tool 1.09 (written by random/random)
Run by karel at 2011-12-11 13:42:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (7%) free of 45 GB
Total RAM: 2038 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:43:04, on 11.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\admtray.exe
C:\WINDOWS\system32\rundll32.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\karel\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\karel\Plocha\RSIT (1).exe
C:\Program Files\trend micro\karel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [chromium] C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5041933411
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate1c99286569679a) (gupdate1c99286569679a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 12187 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\karel\Data aplikací\Mozilla\Firefox\Profiles\gwd3c2fw.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://google.atcomet.com/b/"
prefs.js - "extensions.enabledItems" - "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4, {06bb13d3-251b-4fbd-adb2-70a6994a4bcd}:2.7.2.0, {64e8cc5b-20db-4212-8320-178fc5ae71f7}:1.1, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, LogMeInClient@logmein.com:1.0.0.586, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10, {DFF722C4-4A11-41A7-9939-C83A06B09897}:1.0, engine@conduit.com:3.2.5.2, {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.2.5.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... id=afex&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.121 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_121.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{DFF722C4-4A11-41A7-9939-C83A06B09897}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
browsercomps.dll
binary.manifest
nsIBitCometAgent.xpt
npRACtrl.xpt

C:\Program Files\Mozilla Firefox\plugins\
npRACtrl.dll
ractrlkeyhook.dll
unicows.dll
LMIProxyHelper.exe
QuickTimePlugin.class
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npBitCometAgent.dll
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
npdeployJava1.dll

C:\Program Files\Mozilla Firefox\searchplugins\
zwangi115.xml
answers.xml
creativecommons.xml
yahoo.xml
wikipedia.xml
google.xml
eBay.xml
bing.xml
amazondotcom.xml

C:\Documents and Settings\karel\Data aplikací\Mozilla\Firefox\Profiles\gwd3c2fw.default\extensions\
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Documents and Settings\karel\Data aplikací\Mozilla\Firefox\Profiles\gwd3c2fw.default\searchplugins\
amazondotcom.xml
ebay.xml
icqplugin-11.xml
icqplugin.xml
icqplugin-12.xml
icqplugin-4.xml
conduit.xml
icqplugin-7.xml
icqplugin-13.xml
icqplugin-2.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-8.xml
icqplugin-3.xml
icqplugin-1.xml
icqplugin-9.xml
icqplugin-10.xml
icqplugin-6.xml
icqplugin-5.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-12-09 57224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-02-22 106496]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"=Alaunch []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-07-20 729177]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-11-28 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-11-28 118784]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2005-12-27 69632]
"ADMTray.exe"=C:\Acer\Empowering Technology\admtray.exe [2005-10-24 2462208]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2005-05-11 45056]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-12-20 53248]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-27 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-15 2879488]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-01-17 344064]
"Acer ePower Management"=C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe [2006-01-16 3080192]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-07-20 593920]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\Monitor.exe [2006-01-24 397312]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-05-04 252136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Orb"=C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe [2008-05-14 507904]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"chromium"=C:\Documents and Settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe [2011-11-15 1036344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
C:\Program Files\FileHippo.com\UpdateChecker.exe [2010-08-09 248832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flock Update]
C:\Documents and Settings\karel\Local Settings\Data aplikací\Flock\Update\FlockUpdate.exe [2010-12-20 136312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.5\ICQ.exe [2011-08-01 124480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-02-28 63048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-05-04 252136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe [2007-11-22 12889088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2008-08-04 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Privoxy.lnk]
C:\PROGRA~1\VIDALI~1\Privoxy\privoxy.exe [2006-11-20 250368]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Documents and Settings\karel\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\karel\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-11-28 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2010-10-06 87424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe"="C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Orb Networks\Orb\bin\xmltv.exe"="C:\Program Files\Orb Networks\Orb\bin\xmltv.exe:*:Enabled:OrbTVGuide"
"C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe"="C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe:*:Enabled:OrbChannelScan"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\JRE6\BIN\javaw.exe"="C:\Program Files\Java\JRE6\BIN\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Common Files\Nokia\Fuse\FuseService.exe"="C:\Program Files\Common Files\Nokia\Fuse\FuseService.exe:*:Enabled:Fuse Service"
"C:\Program Files\Nokia\Phoenix\phoenix.exe"="C:\Program Files\Nokia\Phoenix\phoenix.exe:*:Enabled:Phoenix Application"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Documents and Settings\karel\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\karel\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\WINDOWS\System32\ZoneLabs\vsmon.exe"="C:\WINDOWS\System32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll

======List of files/folders created in the last 1 month======

2011-12-09 14:49:59 ----A---- C:\WINDOWS\imsins.BAK
2011-12-09 14:45:15 ----D---- C:\Program Files\Common Files\Java
2011-12-09 14:42:58 ----A---- C:\WINDOWS\system32\javaws.exe
2011-12-09 14:42:58 ----A---- C:\WINDOWS\system32\javaw.exe
2011-12-09 14:42:58 ----A---- C:\WINDOWS\system32\java.exe
2011-12-09 14:36:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2011-12-09 10:52:38 ----SHD---- C:\FOUND.012
2011-11-21 00:01:30 ----D---- C:\Program Files\Common Files\Sony Shared
2011-11-20 23:58:21 ----HD---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-11-20 23:51:51 ----D---- C:\Program Files\Sony Media Go Install
2011-11-20 23:51:50 ----D---- C:\Documents and Settings\karel\Data aplikací\Sony
2011-11-13 12:22:03 ----D---- C:\RM-596
2011-11-12 11:24:26 ----D---- C:\WINDOWS\Internet Logs
2011-11-12 11:23:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\CheckPoint

======List of files/folders modified in the last 1 month======

2011-12-09 14:50:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-09 14:42:42 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-12-09 10:57:42 ----A---- C:\WINDOWS\system32\eRLog.ini
2011-12-09 10:57:24 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2011-12-04 15:07:12 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-01 03:16:36 ----A---- C:\WINDOWS\NeroDigital.ini
2011-11-28 18:01:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-15 02:45:18 ----A---- C:\WINDOWS\ModemLog_Bluetooth Modem.txt
2011-11-13 12:54:26 ----A---- C:\WINDOWS\wincmd.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 UBHelper;UBHelper; C:\WINDOWS\system32\drivers\UBHelper.sys [2004-12-17 13952]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 OsaFsLoc;OsaFsLoc; \??\C:\WINDOWS\system32\drivers\OsaFsLoc.sys []
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2011-11-09 525840]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R2 osanbm;osanbm; \??\C:\WINDOWS\system32\drivers\osanbm.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-11-01 424320]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-10-31 45312]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-01-17 328061]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-01-17 850474]
R3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-03-30 576000]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-08 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2005-11-17 60928]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2005-11-17 37888]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2005-11-17 74624]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-11-28 1353820]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-27 4304384]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-02-28 10144]
R3 NdisFilt;OSA NdisFilter Protocol; C:\WINDOWS\System32\Drivers\NdisFilt.sys [2005-09-13 4392]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-07-10 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-07-20 190592]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-01-17 30459]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-01-17 148900]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-01-17 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-01-17 65688]
S3 catchme;catchme; \??\C:\DOCUME~1\karel\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETMNT;Acer NetMonitor Protocol; C:\WINDOWS\system32\DRIVERS\NETMNT.sys [2005-05-02 9600]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-05-12 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2005-10-31 46080]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\WINDOWS\system32\DRIVERS\RtsUCcid.sys [2009-01-23 42496]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vsbus;Virtual Serial Bus Enumerator; C:\WINDOWS\system32\DRIVERS\vsb.sys [2008-07-23 15264]
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\WINDOWS\System32\DRIVERS\vserial.sys [2008-07-23 47744]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-11-27 1427968]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 AWService;AdminWorks Agent X6; C:\Acer\Empowering Technology\admServ.exe [2005-10-24 1314816]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-01-17 266295]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2011-12-09 161664]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-09-27 374152]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 gupdate1c99286569679a;Google Update Service (gupdate1c99286569679a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-19 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-03-03 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2011-12-09 253600]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-19 133104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-10-06 116104]
S4 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-02-28 63040]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Zdravím!
Poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[korkis]

tady log z komba....


ComboFix 11-12-10.01 - karel 11.12.2011 18:09:37.4.1 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1336 [GMT 0:00]
Spuštěný z: c:\documents and settings\karel\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Free Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\karel\WINDOWS
c:\windows\msmqinst.log
c:\windows\UA000079.DLL
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-11 do 2011-12-11 )))))))))))))))))))))))))))))))
.
.
2011-12-09 14:45 . 2011-12-09 14:45 -------- d-----w- c:\program files\Common Files\Java
2011-12-09 14:36 . 2011-12-09 23:16 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2011-12-09 10:52 . 2011-12-09 10:52 -------- d-----w- C:\FOUND.012
2011-11-21 00:02 . 2011-11-21 00:02 -------- d-----w- c:\documents and settings\karel\Local Settings\Data aplikací\Sony
2011-11-21 00:01 . 2011-11-21 00:01 -------- d-----w- c:\program files\Common Files\Sony Shared
2011-11-21 00:00 . 2011-11-21 00:00 -------- d-----w- c:\documents and settings\karel\Local Settings\Data aplikací\Downloaded Installations
2011-11-20 23:51 . 2011-11-20 23:51 -------- d-----w- c:\program files\Sony Media Go Install
2011-11-20 23:51 . 2011-11-20 23:51 -------- d-----w- c:\documents and settings\karel\Data aplikací\Sony
2011-11-13 12:22 . 2011-11-13 12:22 -------- d-----w- C:\RM-596
2011-11-12 11:24 . 2011-11-12 11:24 -------- d-----w- c:\windows\Internet Logs
2011-11-12 11:23 . 2011-11-12 11:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CheckPoint
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-09 23:16 . 2011-05-21 23:08 69792 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-09 14:42 . 2011-04-08 02:18 128000 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-09 14:42 . 2010-07-01 00:42 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-11-28 18:01 . 2010-11-02 17:04 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2009-04-26 22:43 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-04-20 15:31 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2009-04-26 22:44 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2009-04-26 22:44 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2009-04-26 22:44 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2009-04-26 22:44 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:52 . 2009-04-26 22:44 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2009-04-26 22:44 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2009-04-26 22:44 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-10 14:22 . 2004-08-18 20:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-18 20:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 11:41 . 2007-10-09 13:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 11:41 . 2004-08-18 20:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 11:41 . 2004-08-18 20:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2007-08-06 12:07 . 2009-02-20 16:37 8784 ----a-w- c:\program files\mozilla firefox\plugins\ractrlkeyhook.dll
2007-07-18 14:54 . 2009-02-20 16:37 245408 ----a-w- c:\program files\mozilla firefox\plugins\unicows.dll
2011-10-03 12:17 . 2011-04-14 02:16 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 07:12 94208 ----a-w- c:\documents and settings\karel\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 07:12 94208 ----a-w- c:\documents and settings\karel\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 07:12 94208 ----a-w- c:\documents and settings\karel\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 07:12 94208 ----a-w- c:\documents and settings\karel\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="c:\program files\Orb Networks\Orb\bin\OrbTray.exe" [2008-05-14 507904]
"chromium"="c:\documents and settings\karel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" [2011-11-15 1036344]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-07-20 729177]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-12-20 53248]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-15 2879488]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-01-17 344064]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-01-16 3080192]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2011-11-09 73360]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\karel\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\karel\Data aplikací\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-1-17 618557]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-10-06 03:34 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Privoxy.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Privoxy.lnk
backup=c:\windows\pss\Privoxy.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileHippo.com]
2010-08-09 13:47 248832 ----a-w- c:\program files\FileHippo.com\UpdateChecker.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flock Update]
2010-12-20 13:33 136312 ----a-w- c:\documents and settings\karel\Local Settings\Data aplikací\Flock\Update\FlockUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-08-01 09:28 124480 ----a-w- c:\program files\ICQ7.5\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
2008-02-28 15:31 63048 ----a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:22 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-09-01 14:39 966712 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-05-04 13:59 252136 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
2007-11-22 22:49 12889088 ----a-w- c:\program files\Vidalia Bundle\Vidalia\vidalia.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-04 00:02 36352 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\xmltv.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbChannelScan.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\javaw.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Fuse\\FuseService.exe"=
"c:\\Program Files\\Nokia\\Phoenix\\phoenix.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\karel\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"14385:TCP"= 14385:TCP:BitComet 14385 TCP
"14385:UDP"= 14385:UDP:BitComet 14385 UDP
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20.4.2011 15:31 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [26.4.2009 22:44 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [26.4.2009 22:44 20568]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [3.11.2011 14:44 27016]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [3.11.2011 14:44 497280]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [7.11.2010 14:42 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [28.2.2008 15:31 12856]
S2 gupdate1c99286569679a;Google Update Service (gupdate1c99286569679a);c:\program files\Google\Update\GoogleUpdate.exe [19.2.2009 12:34 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [9.12.2011 14:36 253600]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19.2.2009 12:34 133104]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [14.9.2011 1:47 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [14.9.2011 1:47 8576]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [12.5.2009 23:51 47360]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ADOBEFLASHPLAYERUPDATESVC
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-19 12:34]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-19 12:34]
.
2011-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2011-12-09 23:16]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.atcomet.com/b/
IE: &Download All using 4shared Desktop - c:\program files\4shared Desktop\down_all.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\documents and settings\karel\Data aplikací\Mozilla\Firefox\Profiles\gwd3c2fw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.atcomet.com/b/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ISW - (no file)
HKU-Default-RunOnce-AutoLaunch - c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Ad-Watch - c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-11 18:24
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\igfxdev.dll
.
- - - - - - - > 'lsass.exe'(964)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Celkový čas: 2011-12-11 18:30:31
ComboFix-quarantined-files.txt 2011-12-11 18:30
ComboFix2.txt 2011-03-27 16:44
.
Před spuštěním: 3 207 430 144
Po spuštění: 3 393 650 688
.
- - End Of File - - 6ECDAFB8424C64743821B55C1954EA82

[Rudy]

Několik položek CF smazal, zbytek logu vypadá čistý. Nastala nějaká změna?

[korkis]

ale jo, je to o něco málo rychlejší než to bylo předtím...

asi to jinak nevidím než že přehraju nové widle po 7dmi letech... abych to trošku zrychlil...

[Rudy]

Můžete ještě zkusit vyčistit CCleanerem od balastu: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 , příp. defragmentovat disk.

[korkis]

Ccleaner používám pravidelně, a defragment mám taky hotov, o moc se to nezlepšilo

slyšel jsem že když se navýší RAMka tak se musí něco navýšit i manuálně we windowsech, aby to rychleji šlapalo ale netuším co.... nadstavoval jsem z 512mb na 2giga

[Rudy]

slyšel jsem že když se navýší RAMka tak se musí něco navýšit i manuálně we windowsech......

To určitě ne. Důležité je jen to, aby systém paměť korektně načetl, což se stalo:

Total RAM: 2038 MB (56% free)

Další možností je to, že se vám v kompu něco "pere". Zkuste odinstalovat (standardně přes přidat/ubrat programy) vše, co již nepotřebujete a jen to v kompu zbytečně zabírá místo.

[Rudy]

slyšel jsem že když se navýší RAMka tak se musí něco navýšit i manuálně we windowsech......

To určitě ne. Důležité je jen to, aby systém paměť korektně načetl, což se stalo:

Total RAM: 2038 MB (56% free)

Další možností je to, že se vám v kompu něco "pere". Zkuste odinstalovat (standardně přes přidat/ubrat programy) vše, co již nepotřebujete a jen to v kompu zbytečně zabírá místo.

[korkis]

vymazány nepotřebné programy, i paměti jsem trošku ulevil, znova pročistil Ccleanerem ale pořád je ta rychlost k pláči, největší problémy mám při spuštění videí třeba na youtube... spustím video, zapauzuju ho aby se celé načetlo a pak když přepínám v panelech v chrome, tak kolikrát čekám i několik minut než se panel přepne....

ještě nějaká rada?
už pomalu ztrácím naději a všechna důležitá data kopíruju na externí HDD a připravuju to na reinstal...

Jo a abych nezapomněl.... občas se mi stává že na volbu vypnout nebo restartovat počítač vůbec nereaguje a nevypíná se, takže jednou za čas vypínám noťas natvrdo....

[Rudy]

Udělejte ještě sken GMER: http://www.viry.cz/forum/viewtopic.php?f=29&t=62878 a dejte oba logy.

[korkis]

tákže log číslo 1


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2011-12-18 02:23:47
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 ST9100824A rev.3.06
Running: gmer.exe; Driver: C:\DOCUME~1\karel\LOCALS~1\Temp\axldqpoc.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA8C21BDA]
SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA8C21A45]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
AttachedDevice \FileSystem\Fastfat \Fat OsaFsLoc.sys (Filesystem Lock driver/OSA Technologies)

Device \Driver\Tcpip \Device\Ip vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\Tcp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\Udp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (ZoneAlarm Firewalling Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----


rád bych přidal ten druhý ale hlásí mi to že mám 334247 znaků místo povolených 80000 takže to hážu do přílohy, která jak koukám mi nesebere ani txt, takže to zipuju

[Rudy]

Ani rootkit v systému nemáte. Což znamená, že je nějaký problém v systému samém. Zkontrolujte ještě:

Start>Ovl. panely>systém>hardware>správce zařízení>řadiče IDE/ATA>(klik pravým myšítkem primární/sekundární řadič)>vlastnosti>upřesnit a podívat se, zda je zapnutý DMA režim. Pokud ne, zapněte, nastavení uložte a restartujte PC.

[korkis]

DMA zaplé bylo...

tudíž jsem přešel k variantě přehrání nových widlí a noťas je konečně rychlejší.... takže to tu můžete uzavřít. Nicméně díky za pomoc

[Rudy]

OK, také řešení. Nemáte zač!