Prosím o kontrolu, laguje Skype, přitom je internet v pořádku
Napsal: 04 led 2012 19:14
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jetyxx at 2012-01-04 19:12:04
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 103 GB (54%) free of 191 GB
Total RAM: 1023 MB (22% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-01-20 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-11-17 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-11-17 86016]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"HTC Sync Loader"=C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-11-01 593920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"Ipnunc"=C:\Documents and Settings\Jetyxx\Data aplikací\Ipnunc.exe [2012-01-03 252731]
"Microsoft DLL Registaation"=C:\Documents and Settings\Jetyxx\Data aplikací\regsrv33.exe [2012-01-03 8704]
C:\Documents and Settings\Jetyxx\Nabídka Start\Programy\Po spuštění
_uninst_64233572.lnk - C:\Documents and Settings\Jetyxx\Local Settings\temp\_uninst_64233572.bat
_uninst_95649398.lnk - C:\Documents and Settings\Jetyxx\Local Settings\temp\_uninst_95649398.bat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
Windows Task Services - C:\Documents and Settings\Jetyxx\Data aplikací\2B0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Garena Classic\Garena.exe"="C:\Program Files\Garena Classic\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Garena Plus\Room\garena_room.exe"="C:\Program Files\Garena Plus\Room\garena_room.exe:*:Enabled:Garena"
"C:\Program Files\Orcs Must Die!\Build\release\OrcsMustDie.exe"="C:\Program Files\Orcs Must Die!\Build\release\OrcsMustDie.exe:*:Enabled:Orcs Must Die!"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
======List of files/folders created in the last 1 month======
2012-01-04 19:10:05 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\A.exe
2012-01-04 19:09:56 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\5.exe
2012-01-03 20:04:41 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\Ipnunc.exe
2012-01-03 01:22:46 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\regsrv33.exe
2012-01-03 01:22:43 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\2B1.exe
2011-12-19 09:21:53 ----D---- C:\WINDOWS\Sun
2011-12-13 13:05:15 ----D---- C:\Program Files\Counter-Strike Source
2011-12-08 15:56:17 ----D---- C:\Program Files\Machinarium
2011-12-06 20:42:38 ----RD---- C:\Program Files\Skype
2011-12-06 20:42:38 ----D---- C:\Program Files\Common Files\Skype
2011-12-05 22:36:15 ----SHD---- C:\RECYCLER
2011-12-05 21:14:26 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\7.exe
2011-12-05 21:12:11 ----A---- C:\ComboFix.txt
======List of files/folders modified in the last 1 month======
2012-01-04 19:10:25 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\Skype
2012-01-04 19:09:59 ----D---- C:\WINDOWS\Temp
2012-01-04 19:09:58 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\skypePM
2012-01-04 19:09:51 ----D---- C:\WINDOWS
2012-01-04 19:09:23 ----D---- C:\WINDOWS\system32\drivers
2012-01-04 16:20:14 ----D---- C:\Program Files\Warcraft III Frozen Throne eSK
2012-01-04 14:52:07 ----D---- C:\Program Files\Garena Classic
2012-01-04 11:21:44 ----D---- C:\WINDOWS\Prefetch
2012-01-03 12:27:54 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-03 01:03:31 ----D---- C:\WINDOWS\system32
2012-01-03 01:03:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-02 22:07:57 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\GarenaPlus
2012-01-02 16:00:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
2012-01-01 14:00:35 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\HTC
2011-12-29 08:40:44 ----HD---- C:\WINDOWS\inf
2011-12-29 08:39:47 ----SHD---- C:\WINDOWS\Installer
2011-12-29 08:39:44 ----D---- C:\Config.Msi
2011-12-29 08:31:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-12-29 08:31:40 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-12-29 08:05:15 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-29 08:01:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-27 11:47:25 ----RD---- C:\Program Files
2011-12-19 15:57:29 ----D---- C:\Program Files\Garena Plus
2011-12-19 14:06:00 ----D---- C:\Program Files\Java
2011-12-19 14:01:14 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\BitTorrent
2011-12-19 14:01:13 ----D---- C:\WINDOWS\SoftwareDistribution
2011-12-13 22:21:43 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\vlc
2011-12-06 20:42:38 ----D---- C:\Program Files\Common Files
2011-12-06 20:42:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-12-05 22:36:55 ----SHD---- C:\System Volume Information
2011-12-05 21:13:26 ----D---- C:\Qoobox
2011-12-05 21:10:04 ----A---- C:\WINDOWS\system.ini
2011-12-05 21:09:49 ----D---- C:\WINDOWS\system32\drivers\etc
2011-12-05 21:07:16 ----D---- C:\WINDOWS\AppPatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-10 232512]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-01-28 2310272]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-11-17 3994688]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2010-06-22 21248]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2004-08-03 12672]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-11-17 159811]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
předem děkuji
Run by Jetyxx at 2012-01-04 19:12:04
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 103 GB (54%) free of 191 GB
Total RAM: 1023 MB (22% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-01-20 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-11-17 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-11-17 86016]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"HTC Sync Loader"=C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-11-01 593920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"Ipnunc"=C:\Documents and Settings\Jetyxx\Data aplikací\Ipnunc.exe [2012-01-03 252731]
"Microsoft DLL Registaation"=C:\Documents and Settings\Jetyxx\Data aplikací\regsrv33.exe [2012-01-03 8704]
C:\Documents and Settings\Jetyxx\Nabídka Start\Programy\Po spuštění
_uninst_64233572.lnk - C:\Documents and Settings\Jetyxx\Local Settings\temp\_uninst_64233572.bat
_uninst_95649398.lnk - C:\Documents and Settings\Jetyxx\Local Settings\temp\_uninst_95649398.bat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
Windows Task Services - C:\Documents and Settings\Jetyxx\Data aplikací\2B0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Garena Classic\Garena.exe"="C:\Program Files\Garena Classic\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Garena Plus\Room\garena_room.exe"="C:\Program Files\Garena Plus\Room\garena_room.exe:*:Enabled:Garena"
"C:\Program Files\Orcs Must Die!\Build\release\OrcsMustDie.exe"="C:\Program Files\Orcs Must Die!\Build\release\OrcsMustDie.exe:*:Enabled:Orcs Must Die!"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
======List of files/folders created in the last 1 month======
2012-01-04 19:10:05 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\A.exe
2012-01-04 19:09:56 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\5.exe
2012-01-03 20:04:41 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\Ipnunc.exe
2012-01-03 01:22:46 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\regsrv33.exe
2012-01-03 01:22:43 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\2B1.exe
2011-12-19 09:21:53 ----D---- C:\WINDOWS\Sun
2011-12-13 13:05:15 ----D---- C:\Program Files\Counter-Strike Source
2011-12-08 15:56:17 ----D---- C:\Program Files\Machinarium
2011-12-06 20:42:38 ----RD---- C:\Program Files\Skype
2011-12-06 20:42:38 ----D---- C:\Program Files\Common Files\Skype
2011-12-05 22:36:15 ----SHD---- C:\RECYCLER
2011-12-05 21:14:26 ----A---- C:\Documents and Settings\Jetyxx\Data aplikací\7.exe
2011-12-05 21:12:11 ----A---- C:\ComboFix.txt
======List of files/folders modified in the last 1 month======
2012-01-04 19:10:25 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\Skype
2012-01-04 19:09:59 ----D---- C:\WINDOWS\Temp
2012-01-04 19:09:58 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\skypePM
2012-01-04 19:09:51 ----D---- C:\WINDOWS
2012-01-04 19:09:23 ----D---- C:\WINDOWS\system32\drivers
2012-01-04 16:20:14 ----D---- C:\Program Files\Warcraft III Frozen Throne eSK
2012-01-04 14:52:07 ----D---- C:\Program Files\Garena Classic
2012-01-04 11:21:44 ----D---- C:\WINDOWS\Prefetch
2012-01-03 12:27:54 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-03 01:03:31 ----D---- C:\WINDOWS\system32
2012-01-03 01:03:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-02 22:07:57 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\GarenaPlus
2012-01-02 16:00:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\GarenaMessenger
2012-01-01 14:00:35 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\HTC
2011-12-29 08:40:44 ----HD---- C:\WINDOWS\inf
2011-12-29 08:39:47 ----SHD---- C:\WINDOWS\Installer
2011-12-29 08:39:44 ----D---- C:\Config.Msi
2011-12-29 08:31:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-12-29 08:31:40 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-12-29 08:05:15 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-12-29 08:01:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-27 11:47:25 ----RD---- C:\Program Files
2011-12-19 15:57:29 ----D---- C:\Program Files\Garena Plus
2011-12-19 14:06:00 ----D---- C:\Program Files\Java
2011-12-19 14:01:14 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\BitTorrent
2011-12-19 14:01:13 ----D---- C:\WINDOWS\SoftwareDistribution
2011-12-13 22:21:43 ----D---- C:\Documents and Settings\Jetyxx\Data aplikací\vlc
2011-12-06 20:42:38 ----D---- C:\Program Files\Common Files
2011-12-06 20:42:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-12-05 22:36:55 ----SHD---- C:\System Volume Information
2011-12-05 21:13:26 ----D---- C:\Qoobox
2011-12-05 21:10:04 ----A---- C:\WINDOWS\system.ini
2011-12-05 21:09:49 ----D---- C:\WINDOWS\system32\drivers\etc
2011-12-05 21:07:16 ----D---- C:\WINDOWS\AppPatch
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-02 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-10 232512]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-01-28 2310272]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-11-17 3994688]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Classic\safedrv.sys []
S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [2010-06-22 21248]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2004-08-03 12672]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-11-17 159811]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2011-08-12 87040]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
předem děkuji