Pop_Up_window

Posted: 30 Dec 2011 14:03
by syskey
Please check my log. For quite a while now I have had a problem with a pop-up window that probably comes from some problem with the printer, but so far I cannot properly explain it. What the pop-up window says is: " !!!QueryDosDevice failed
Jsou k dispozici další data. "
There was no flood of BSODs from Windows, but a few did show up (admittedly a few months ago (the problem with that window has been going on for a longer time)).
---------------------------------------------------------------------------------------------
Mini100111-01.dmp 1.10.2011 13:05:38 KERNEL_STACK_INPAGE_ERROR 0x00000077 0xc000000e 0xc000000e 0x00000000 0x016b3000 ntoskrnl.exe ntoskrnl.exe+5c846 NT Kernel & System Operační systém Microsoft® Windows® Microsoft Corporation 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629) 32-bit ntoskrnl.exe+5c846 ntoskrnl.exe+49e2a ntoskrnl.exe+110de ntoskrnl.exe+fb51 C:\WINDOWS\Minidump\Mini100111-01.dmp 1 15 2600 90 112
---------------------------------------------------------------------------------------------
Mini092811-01.dmp 28.9.2011 22:44:31 CRITICAL_OBJECT_TERMINATION 0x000000f4 0x00000003 0x863a4da0 0x863a4f14 0x805fb1d6 ntoskrnl.exe ntoskrnl.exe+5c846 NT Kernel & System Operační systém Microsoft® Windows® Microsoft Corporation 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629) 32-bit ntoskrnl.exe+5c846 ntoskrnl.exe+157561 ntoskrnl.exe+124194 ntoskrnl.exe+77ec C:\WINDOWS\Minidump\Mini092811-01.dmp 1 15 2600 90 112
---------------------------------------------------------------------------------------------
Mini053111-01.dmp 31.5.2011 21:06:45 PAGE_FAULT_IN_NONPAGED_AREA 0x10000050 0xe134301c 0x00000000 0xbf82ee0b 0x00000001 win32k.sys win32k.sys+2ee0b Multi-User Win32 Driver Operační systém Microsoft® Windows® Microsoft Corporation 5.1.2600.6178 (xpsp_sp3_gdr.111123-1620) 32-bit win32k.sys+2ee0b win32k.sys+3acc4 win32k.sys+15451f win32k.sys+14b330 C:\WINDOWS\Minidump\Mini053111-01.dmp 1 15 2600 90 112
-----------------------------------------------------------------------------------------------------
Now, finally, the log from RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2011-12-30 13:34:36
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 43 GB (54%) free of 80 GB
Total RAM: 1023 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:34:44, on 30.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
D:\Štěpa\programy\power iso\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\ICQ7.4\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
D:\Downloads\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:53798
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Štěpa\programy\power iso\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8457 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\p475vrlv.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/"
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872, avg@igeared:6.010.006.004, {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.1.0.19, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4.1, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, pdfforge@mybrowserbar.com:4.1, wtxpcom@mybrowserbar.com:4.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =971163&p="

"avg@igeared"=C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG9\Firefox
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
fcmdSrch.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\p475vrlv.default\extensions\
engine@conduit.com
plugin3@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\p475vrlv.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"PWRISOVM.EXE"=D:\Štěpa\programy\power iso\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-11-29 3508624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-04-05 119608]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-11-29 935312]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-11-29 21392]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMHelp"=1
"NoSMConfigurePrograms"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDesktopCleanupWizard"=1
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VUGames\SWAT 4\Content\System\Swat4DedicatedServer.exe"="C:\Program Files\VUGames\SWAT 4\Content\System\Swat4DedicatedServer.exe:*:Enabled:SWAT 4"
"D:\Virtuos\ICQ6\ICQ6.5\ICQ.exe"="D:\Virtuos\ICQ6\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe"="C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe:*:Enabled:CLI Application (Command Line Interface)"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"="C:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.patch.exe"="C:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.LEAD"=LCODCCMP.DLL
"MSVideo8"=VfWWDM32.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"VIDC.I420"=msh263.drv

======List of files/folders created in the last 1 month======

2011-12-30 13:34:36 ----D---- C:\rsit
2011-12-25 21:17:08 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Temp
2011-12-25 20:29:40 ----D---- C:\Program Files\MyFree Codec
2011-12-25 20:26:26 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Samsung
2011-12-25 20:21:25 ----A---- C:\WINDOWS\system32\drivers\sscemdfl.sys
2011-12-25 20:21:25 ----A---- C:\WINDOWS\system32\drivers\sscecmnt.sys
2011-12-25 20:21:25 ----A---- C:\WINDOWS\system32\drivers\sscecm.sys
2011-12-25 20:21:24 ----A---- C:\WINDOWS\system32\drivers\sscemdm.sys
2011-12-25 20:21:23 ----A---- C:\WINDOWS\system32\drivers\sscewhnt.sys
2011-12-25 20:21:23 ----A---- C:\WINDOWS\system32\drivers\sscewh.sys
2011-12-25 20:21:23 ----A---- C:\WINDOWS\system32\drivers\sscebus.sys
2011-12-25 20:18:42 ----A---- C:\WINDOWS\system32\Redemption.dll
2011-12-25 20:16:40 ----D---- C:\Program Files\MarkAny
2011-12-25 20:16:40 ----A---- C:\WINDOWS\system32\drivers\dgderdrv.sys
2011-12-25 20:16:40 ----A---- C:\WINDOWS\system32\DIFxAPI.dll
2011-12-25 20:16:40 ----A---- C:\WINDOWS\system32\dgderapi.dll
2011-12-25 20:13:22 ----D---- C:\Program Files\Samsung
2011-12-25 20:13:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2011-12-14 21:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-14 21:56:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-13 22:22:02 ----D---- C:\b0e315a4bc22c9da9f
2011-12-13 22:19:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-13 22:19:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-13 22:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-13 22:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-13 22:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-07 17:40:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\tmp
2011-12-07 17:27:51 ----D---- C:\Program Files\Fotolab
2011-12-07 16:37:24 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 month======

2011-12-30 13:34:44 ----D---- C:\WINDOWS\Prefetch
2011-12-30 13:34:40 ----D---- C:\Program Files\trend micro
2011-12-30 13:31:52 ----D---- C:\WINDOWS\Temp
2011-12-30 13:29:18 ----AD---- C:\WINDOWS
2011-12-29 22:59:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-29 21:36:38 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Skype
2011-12-29 20:35:13 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\ICQ
2011-12-29 18:33:03 ----D---- C:\Program Files\MPlayer for Windows
2011-12-25 22:39:19 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-25 21:24:48 ----D---- C:\WINDOWS\system32
2011-12-25 21:24:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-25 21:17:59 ----D---- C:\temp
2011-12-25 20:44:12 ----D---- C:\WINDOWS\system32\drivers
2011-12-25 20:43:58 ----HD---- C:\WINDOWS\inf
2011-12-25 20:29:40 ----RD---- C:\Program Files
2011-12-25 20:22:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-12-25 20:16:27 ----SHD---- C:\WINDOWS\Installer
2011-12-25 20:16:27 ----HD---- C:\Program Files\InstallShield Installation Information
2011-12-25 20:16:25 ----D---- C:\Config.Msi
2011-12-23 11:02:14 ----D---- C:\Program Files\Mozilla Firefox
2011-12-14 22:00:53 ----D---- C:\WINDOWS\system32\dllcache
2011-12-14 22:00:44 ----D---- C:\WINDOWS\system32\cs-cz
2011-12-14 22:00:44 ----D---- C:\Program Files\Internet Explorer
2011-12-14 22:00:05 ----D---- C:\WINDOWS\ie7updates
2011-12-14 21:59:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-12-14 21:58:38 ----RSD---- C:\WINDOWS\assembly
2011-12-14 21:57:12 ----A---- C:\WINDOWS\imsins.BAK
2011-12-14 20:22:35 ----A---- C:\WINDOWS\win.ini
2011-12-13 22:22:04 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-13 22:19:05 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-07 17:36:07 ----D---- C:\WINDOWS\WinSxS
2011-12-07 16:32:44 ----A---- C:\WINDOWS\DUMP857b.tmp
2011-12-02 19:24:19 ----D---- C:\Program Files\World of Warcraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-04-26 60928]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-04-25 4030144]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-22 51088]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-22 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-22 21744]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 PAC207;PC Camera; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-29 508160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\WINDOWS\system32\DRIVERS\sscebus.sys [2011-10-27 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\WINDOWS\system32\DRIVERS\sscemdfl.sys [2011-10-27 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\WINDOWS\system32\DRIVERS\sscemdm.sys [2011-10-27 123648]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-03-17 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
So I'd appreciate a check and some advice :).

Re: Pop_Up_okno

Posted: 30 Dec 2011 14:09
by syskey
After being closed the normal way, the window reappears at short regular intervals. So it can only be shut down "the hard way" through Task Manager.

Re: Pop_Up_okno

Posted: 30 Dec 2011 20:00
by Roli
Hello, I'd say you have a problem with the memory (RAM) rather than with the printer.


Fix these in HJT:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)


You'll find HJT here:

C:\Program Files\trend micro\uzivatel.exe

Fix means that you run HJT as admin,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a box that you tick,

then click Fix checked at the bottom left,

the program will ask whether you are sure; you of course agree with Yes, and you're done.


Via Start >> Control Panel >> Add or Remove Programs, uninstall ICQ6Toolbar.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it, I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

Then a window with the licence terms appears, which you confirm by clicking Yes,

then click Yes once more and it's off.

The whole process takes around 10 minutes but can take longer; don't try to run anything else during the scan.

The PC may also be restarted during the scan; don't be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


In case anything is unclear, there is an illustrated guide HERE.

Re: Pop_Up_okno

Posted: 31 Dec 2011 17:10
by syskey
ComboFix 11-12-31.02 - uzivatel 31.12.2011 16:46:57.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.571 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\uzivatel\LOCALS~1\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
c:\documents and settings\All Users\Dokumenty\dll
c:\documents and settings\uzivatel\Local Settings\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
c:\windows\alcrmv.exe
c:\windows\iun6002.exe
c:\windows\system32\muzapp.exe
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-28 do 2011-12-31 )))))))))))))))))))))))))))))))
.
.
2011-12-31 15:23 . 2011-12-31 15:23 -------- d-----w- c:\program files\CCleaner
2011-12-30 12:34 . 2011-12-30 12:34 -------- d-----w- C:\rsit
2011-12-25 20:17 . 2011-12-25 20:17 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Temp
2011-12-25 19:29 . 2011-12-25 19:29 -------- d-----w- c:\program files\MyFree Codec
2011-12-25 19:26 . 2011-12-25 19:26 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Samsung
2011-12-25 19:26 . 2011-12-25 19:26 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Samsung
2011-12-25 19:21 . 2011-10-27 01:25 14848 ----a-w- c:\windows\system32\drivers\sscemdfl.sys
2011-12-25 19:21 . 2011-10-27 01:25 12416 ----a-w- c:\windows\system32\drivers\sscecmnt.sys
2011-12-25 19:21 . 2011-10-27 01:25 12416 ----a-w- c:\windows\system32\drivers\sscecm.sys
2011-12-25 19:21 . 2011-10-27 01:25 123648 ----a-w- c:\windows\system32\drivers\sscemdm.sys
2011-12-25 19:21 . 2011-10-27 01:25 98560 ----a-w- c:\windows\system32\drivers\sscebus.sys
2011-12-25 19:21 . 2011-10-27 01:25 12288 ----a-w- c:\windows\system32\drivers\sscewhnt.sys
2011-12-25 19:21 . 2011-10-27 01:25 12288 ----a-w- c:\windows\system32\drivers\sscewh.sys
2011-12-25 19:18 . 2011-11-29 15:39 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-12-25 19:16 . 2011-12-25 19:16 -------- d-----w- c:\program files\MarkAny
2011-12-25 19:16 . 2011-11-29 15:38 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-12-25 19:16 . 2011-11-29 15:38 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-12-25 19:16 . 2011-11-29 15:38 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2011-12-25 19:13 . 2011-12-25 19:20 -------- d-----w- c:\program files\Samsung
2011-12-25 19:13 . 2011-12-25 19:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Samsung
2011-12-13 21:22 . 2011-12-13 21:22 -------- d-----w- C:\b0e315a4bc22c9da9f
2011-12-07 16:40 . 2011-12-12 21:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\tmp
2011-12-07 16:27 . 2011-12-07 16:27 -------- d-----w- c:\program files\Fotolab
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-24 13:39 . 2011-05-14 05:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-07 15:32 . 2009-06-06 15:38 90112 ----a-w- c:\windows\DUMP857b.tmp
2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-11-29 15:38 . 2011-11-29 15:38 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-11-29 15:38 . 2011-11-29 15:38 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-11-29 15:38 . 2011-11-29 15:38 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-11-29 15:38 . 2011-11-29 15:38 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-11-29 15:38 . 2011-11-29 15:38 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-11-29 15:38 . 2011-11-29 15:38 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-11-29 15:38 . 2011-11-29 15:38 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-11-29 15:38 . 2011-11-29 15:38 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-11-29 15:38 . 2011-11-29 15:38 14336 ----a-w- c:\windows\system32\avrt.dll
2011-11-29 15:38 . 2011-11-29 15:38 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-11-29 15:38 . 2011-11-29 15:38 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-11-29 15:38 . 2011-11-29 15:38 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-11-29 15:38 . 2011-11-29 15:38 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-11-28 18:01 . 2011-03-05 11:22 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-03-05 11:22 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-03-05 11:22 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-03-05 11:22 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-03-05 11:22 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-03-05 11:22 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-03-05 11:22 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-03-05 11:22 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-03-05 11:22 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-03-05 11:22 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ------w- c:\windows\system32\win32k.sys
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:37 . 2008-05-18 21:06 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:37 . 2008-05-18 21:05 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:37 . 2008-05-18 21:05 78336 ------w- c:\windows\system32\ieencode.dll
2011-10-31 23:37 . 2008-05-18 21:05 17408 ------w- c:\windows\system32\corpol.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ------w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ------w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 06:07 2194944 ------w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2008-04-14 06:51 186880 ------w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2009-06-06 13:50 692736 ------w- c:\windows\system32\inetcomm.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-05 119608]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-11-29 935312]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-11-29 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"PWRISOVM.EXE"="d:\štěpa\programy\power iso\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-11-29 3508624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2011-10-31 124928]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VUGames\\SWAT 4\\Content\\System\\Swat4DedicatedServer.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5.3.2011 12:22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5.3.2011 12:22 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.3.2011 12:22 20568]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [29.5.2007 12:30 508160]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [25.12.2011 20:21 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [25.12.2011 20:21 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [25.12.2011 20:21 123648]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:53798
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\p475vrlv.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-31 17:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOSAFEERASE03.00.00.01MSWINDOWS"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2948)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\wpdshserviceobj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
d:\c:\Program Files\AVAST Software\Avast\avastUI.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2011-12-31 17:08:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-31 16:07
.
Před spuštěním: Volných bajtů: 47 189 438 464
Po spuštění: Volných bajtů: 47 731 392 512
.
- - End Of File - - F056CAB516C43F09E451B32301B5E75D

Re: Pop_Up_okno

Posted: 31 Dec 2011 17:57
by Roli
If you haven't done so already, move ComboFix to the desktop,

open Notepad,

and copy the script from the following box into it:

File::  
c:\windows\DUMP857b.tmp

Folder::
c:\Program Files\AVG

FireFox::
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\p475vrlv.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/

Save the TXT file you created as CFScript.txt on the desktop,

after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it has been applied, another log will drop out for you; copy it here.

Warning: it can happen that after the script is applied and the PC restarts, Windows won't boot;

in that case restart again while pressing F8, then choose Last Known Good Configuration.

Re: Pop_Up_okno

Posted: 01 Jan 2012 00:42
by syskey
ComboFix 11-12-31.02 - uzivatel 01.01.2012 0:13.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.600 [GMT 1:00]
Spuštěný z: c:\documents and settings\uzivatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\uzivatel\Plocha\CFScript.txt
.
FILE ::
"c:\windows\DUMP857b.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\uzivatel\LOCALS~1\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
c:\documents and settings\uzivatel\Local Settings\Temp\8aefdf3f-82dc-462e-be91-2ca1c43911cf\CliSecureRT.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-28 do 2011-12-31 )))))))))))))))))))))))))))))))
.
.
2011-12-31 15:23 . 2011-12-31 15:23 -------- d-----w- c:\program files\CCleaner
2011-12-30 12:34 . 2011-12-30 12:34 -------- d-----w- C:\rsit
2011-12-25 20:17 . 2011-12-25 20:17 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Temp
2011-12-25 19:29 . 2011-12-25 19:29 -------- d-----w- c:\program files\MyFree Codec
2011-12-25 19:26 . 2011-12-25 19:26 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Samsung
2011-12-25 19:26 . 2011-12-25 19:26 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Samsung
2011-12-25 19:21 . 2011-10-27 01:25 14848 ----a-w- c:\windows\system32\drivers\sscemdfl.sys
2011-12-25 19:21 . 2011-10-27 01:25 12416 ----a-w- c:\windows\system32\drivers\sscecmnt.sys
2011-12-25 19:21 . 2011-10-27 01:25 12416 ----a-w- c:\windows\system32\drivers\sscecm.sys
2011-12-25 19:21 . 2011-10-27 01:25 123648 ----a-w- c:\windows\system32\drivers\sscemdm.sys
2011-12-25 19:21 . 2011-10-27 01:25 98560 ----a-w- c:\windows\system32\drivers\sscebus.sys
2011-12-25 19:21 . 2011-10-27 01:25 12288 ----a-w- c:\windows\system32\drivers\sscewhnt.sys
2011-12-25 19:21 . 2011-10-27 01:25 12288 ----a-w- c:\windows\system32\drivers\sscewh.sys
2011-12-25 19:18 . 2011-11-29 15:39 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-12-25 19:16 . 2011-12-25 19:16 -------- d-----w- c:\program files\MarkAny
2011-12-25 19:16 . 2011-11-29 15:38 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-12-25 19:16 . 2011-11-29 15:38 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-12-25 19:16 . 2011-11-29 15:38 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2011-12-25 19:13 . 2011-12-25 19:20 -------- d-----w- c:\program files\Samsung
2011-12-25 19:13 . 2011-12-25 19:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Samsung
2011-12-13 21:22 . 2011-12-13 21:22 -------- d-----w- C:\b0e315a4bc22c9da9f
2011-12-07 16:40 . 2011-12-12 21:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\tmp
2011-12-07 16:27 . 2011-12-07 16:27 -------- d-----w- c:\program files\Fotolab
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-24 13:39 . 2011-05-14 05:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-07 15:32 . 2009-06-06 15:38 90112 ----a-w- c:\windows\DUMP857b.tmp
2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-11-29 15:38 . 2011-11-29 15:38 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-11-29 15:38 . 2011-11-29 15:38 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-11-29 15:38 . 2011-11-29 15:38 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-11-29 15:38 . 2011-11-29 15:38 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-11-29 15:38 . 2011-11-29 15:38 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-11-29 15:38 . 2011-11-29 15:38 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-11-29 15:38 . 2011-11-29 15:38 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-11-29 15:38 . 2011-11-29 15:38 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-11-29 15:38 . 2011-11-29 15:38 14336 ----a-w- c:\windows\system32\avrt.dll
2011-11-29 15:38 . 2011-11-29 15:38 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-11-29 15:38 . 2011-11-29 15:38 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-11-29 15:38 . 2011-11-29 15:38 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-11-29 15:38 . 2011-11-29 15:38 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-11-28 18:01 . 2011-03-05 11:22 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-03-05 11:22 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-03-05 11:22 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-03-05 11:22 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-03-05 11:22 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-03-05 11:22 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-03-05 11:22 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-03-05 11:22 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-03-05 11:22 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-03-05 11:22 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ------w- c:\windows\system32\win32k.sys
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:37 . 2008-05-18 21:06 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:37 . 2008-05-18 21:05 1830912 ------w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:37 . 2008-05-18 21:05 78336 ------w- c:\windows\system32\ieencode.dll
2011-10-31 23:37 . 2008-05-18 21:05 17408 ------w- c:\windows\system32\corpol.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ------w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ------w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 06:07 2194944 ------w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2008-04-14 06:51 186880 ------w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2009-06-06 13:50 692736 ------w- c:\windows\system32\inetcomm.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-31_16.01.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-31 23:28 . 2011-12-31 23:28 16384 c:\windows\Temp\Perflib_Perfdata_a4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-04-05 119608]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-11-29 935312]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-11-29 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-26 589824]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"PWRISOVM.EXE"="d:\štěpa\programy\power iso\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-11-29 3508624]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2011-10-31 124928]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-5-28 241664]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\VUGames\\SWAT 4\\Content\\System\\Swat4DedicatedServer.exe"=
"c:\\Program Files\\ATI Technologies\\ATI.ACE\\CLI.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [5.3.2011 12:22 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5.3.2011 12:22 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5.3.2011 12:22 20568]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 PAC207;PC Camera;c:\windows\system32\drivers\PFC027.SYS [29.5.2007 12:30 508160]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [25.12.2011 20:21 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [25.12.2011 20:21 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [25.12.2011 20:21 123648]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyServer = http=127.0.0.1:53798
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\p475vrlv.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-01 00:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOSAFEERASE03.00.00.01MSWINDOWS"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(780)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2428)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\wpdshserviceobj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
d:\c:\Program Files\AVAST Software\Avast\avastUI.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2012-01-01 00:40:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-31 23:40
ComboFix2.txt 2011-12-31 16:08
.
Před spuštěním: Volných bajtů: 47 492 915 200
Po spuštění: Volných bajtů: 47 471 124 480
.
- - End Of File - - 02086FAC972D6BE642E9F83394E87023

Re: Pop_Up_okno

Posted: 01 Jan 2012 22:05
by Roli
Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


In Safe Mode, run the PC through AVG Remover


Then let me know what state the PC is in.