
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Requesting a preventive check, IE8 sometimes cannot be closed
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Logfile of random's system information tool 1.08 (written by random/random)
Run by Miloš at 2012-01-10 22:55:32
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 282 GB (59%) free of 477 GB
Total RAM: 3326 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:35, on 10.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\system32\RAMAsst.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Programy\RSIT.exe
C:\Program Files\trend micro\Miloš.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Program Files\RewardsArcade\RewardsArcade.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\\vptray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMAsst.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.autocont.cz
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} (Ovi maps browser plugin) - http://static.s2g.gate5.de/ovi_maps/Ovi ... .12.11.cab
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5424585265
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://62.168.0.189/activex/AMC.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AVerUpdateServer - AVerMedia TECHNOLOGIES, Inc. - C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SnugTV Service - AVerMedia Technologies, Inc. - C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SecretZone Assist Service (SZASSIST) - Clarus, Inc. - C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe
--
End of file - 12491 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
C:\WINDOWS\tasks\expressburnShakeIcon.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
C:\WINDOWS\tasks\Norton Security Scan for Miloš.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-12 414416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597A9974-8CB0-4f41-B61F-ED065738A397}]
RewardsArcade - C:\Program Files\RewardsArcade\RewardsArcade.dll [2011-11-03 528216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-26 256112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-03-26 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-03-26 458736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-26 256112]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vptray"=C:\PROGRA~1\SYMANT~1\\vptray.exe [2006-07-17 125072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-12-09 18063872]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-03-24 53408]
"TrayServer"=C:\Program Files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe [2008-11-13 90112]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2011-07-05 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2010-12-25 1794392]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
RAMASST.lnk - C:\WINDOWS\system32\RAMAsst.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-01 143360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2006-07-17 43664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe"="C:\Program Files\Foxit Software\PDF Editor\PDFEdit.exe:*:Enabled:Foxit PDF Editor, the first REAL editor for PDF files!"
"C:\Program Files\Real\RealPlayer\RecordingManager.exe"="C:\Program Files\Real\RealPlayer\RecordingManager.exe:*:Enabled:RealNetworks Download and Record Manager"
"C:\Program Files\Java\JRE6\BIN\java.exe"="C:\Program Files\Java\JRE6\BIN\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\SnugTV\SnugTV Station\ConfigMaster.exe"="C:\Program Files\SnugTV\SnugTV Station\ConfigMaster.exe:*:Enabled:SnugTV Configuration Master"
"C:\Program Files\SnugTV\SnugTV Station\ConfigWizard.exe"="C:\Program Files\SnugTV\SnugTV Station\ConfigWizard.exe:*:Enabled:SnugTV Configuration Wizard"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\EPLAN\Electric P8\1.9.11\BIN\W3u.exe"="C:\Program Files\EPLAN\Electric P8\1.9.11\BIN\W3u.exe:*:Enabled:EPLAN W3"
"C:\WINDOWS\System32\hasplms.exe"="C:\WINDOWS\System32\hasplms.exe:*:Enabled:HASP License Manager"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe"="C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe:*:Enabled:SnugTV Service"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
======File associations======
.scr - open - "C:\WINDOWS\notepad.exe" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2012-01-09 22:01:20 ----D---- C:\rsit
2012-01-08 16:28:52 ----D---- C:\Program Files\RewardsArcade
2012-01-08 16:27:46 ----D---- C:\Program Files\Conduit
2012-01-08 16:27:45 ----D---- C:\Program Files\Vuze_Remote
2012-01-08 09:14:25 ----D---- C:\Program Files\cGPSmapper
2012-01-05 22:26:17 ----D---- C:\Nová složka
2012-01-02 19:47:18 ----D---- C:\Program Files\Amazon
2011-12-15 23:41:21 ----HD---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 23:41:16 ----HD---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 23:34:32 ----HD---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 23:34:29 ----HD---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 23:34:25 ----HD---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 23:34:17 ----HD---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 23:34:10 ----HD---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-15 21:13:56 ----SHD---- C:\Recycled
2011-12-15 20:43:38 ----A---- C:\DeQuarantine.txt
2011-12-14 18:05:40 ----ASH---- C:\hiberfil.sys
2011-12-14 18:02:53 ----D---- C:\WINDOWS\temp
2011-12-14 17:49:57 ----A---- C:\WINDOWS\ntbtlog.txt
======List of files/folders modified in the last 1 months======
2012-01-10 10:07:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-08 08:07:04 ----A---- C:\WINDOWS\NeroDigital.ini
2011-12-15 23:41:20 ----A---- C:\WINDOWS\imsins.BAK
2011-12-15 23:34:44 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-15 20:56:02 ----A---- C:\WINDOWS\system.ini
2011-12-14 23:05:24 ----A---- C:\WINDOWS\wincmd.ini
2011-12-14 23:05:04 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-12-14 17:37:00 ----RASH---- C:\boot.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 AmgHips;AmgHips; \??\C:\WINDOWS\system32\Drivers\AmgHips.sys []
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2005-05-11 32256]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2006-09-20 113488]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 StarOpen;StarBurn StarOpen Driver; \??\C:\WINDOWS\system32\drivers\StarOpen.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-01-24 195776]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-01 3266560]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-12-11 4959232]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-01-28 171008]
R3 mdf15;mdf15; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf15.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 mvd21;mvd21; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd21.sys []
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120109.002\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120109.002\navex15.sys []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-25 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 AVerAF35;AVerMedia A867 USB DVB-T; C:\WINDOWS\System32\Drivers\AVerAF35.sys [2010-01-29 477312]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-05-28 14896]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2004-12-08 42752]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-01-24 24768]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S3 XHASP;XHASP; \??\c:\windows\system32\drivers\XHASP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-08-01 573440]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2006-09-22 118784]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-03-24 192160]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-03-24 169632]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-07-17 31376]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\System32\DVDRAMSV.exe [2006-09-20 110592]
R2 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-13 651720]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2010-09-27 4180576]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-06-01 2045632]
R2 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-11-29 244904]
R2 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-01-24 214720]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-07-17 1817744]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2010-12-25 246616]
R2 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-07-31 593920]
S3 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-02-19 74360]
S3 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-27 348160]
S3 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-06 397312]
S3 AVerUpdateServer;AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-01-25 2336072]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-07-17 118928]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 SnugTV Service;SnugTV Service; C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe [2011-01-05 570880]
S3 SPBBCSvc;SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]
S3 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
S3 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
-----------------EOF-----------------
R2 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2009-11-29 244904]
R2 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-01-24 214720]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-07-17 1817744]
R2 SZASSIST;SecretZone Assist Service; C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2010-12-25 246616]
R2 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-07-31 593920]
S3 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-02-19 74360]
S3 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-27 348160]
S3 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-06 397312]
S3 AVerUpdateServer;AVerUpdateServer; C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [2011-01-06 168448]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2011-01-25 2336072]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-07-17 118928]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 SnugTV Service;SnugTV Service; C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe [2011-01-05 570880]
S3 SPBBCSvc;SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848]
S3 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
S3 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
-----------------EOF-----------------
Re: Request for a preventive check, IE8 sometimes cannot be closed
Hello, fix this in HJT:
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
You will find HJT here:
C:\Program Files\trend micro\Miloš.exe
Fix means that you run HJT as admin,
in the window that opens you click Do a system scan only,
in the next window you find the lines I listed for you,
next to them is a small box in which you put a check mark,
then you click Fix checked, which is at the bottom left,
the program asks whether you really want to; you of course agree with YES (ANO), and it is done.
Via Start >> Run (Spustit) >> type services.msc >> OK. Find the service:
Cyberlink RichVideo Service
right-click it, choose Properties, on the next tab first stop the service with the Stop (Zastavit) button and set Startup type to Disabled (Zakázáno).
Delete unnecessary files using CCleaner
Instructions:
Cleaner (Čistič) - here you clean the PC of unnecessary files and empty the Recycle Bin
Registry - here you clean the registry (before use I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools (Nástroje) - here you can uninstall programs, adjust what runs at system startup, and restore the system
Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
Re: Request for a preventive check, IE8 sometimes cannot be closed
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12.1.2012 23:53:14
mbam-log-2012-01-12 (23-53-14).txt
Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 486620
Uplynulý čas: 1 hodin, 8 minut, 9 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Re: Request for a preventive check, IE8 sometimes cannot be closed
Download ComboFix and save it to the desktop,
run the application as Administrator and allow the installation of the Recovery Console.
Then a window with the license terms appears, which you confirm by clicking YES (ANO),
then click YES once more and it runs.
The whole process takes around 10 minutes but may take longer; during the scan do not try to run anything else.
The PC may also be restarted during the scan, do not be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,
because ComboFix tries to delete infected files and these programs can get in its way.
After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
In case anything is unclear, an illustrated guide is HERE.
Re: Request for a preventive check, IE8 sometimes cannot be closed
ComboFix 12-01-12.02 - Miloš 12.01.2012 20:39:40.8.4 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2573 [GMT 1:00]
Spuštěný z: c:\documents and settings\Miloš\Plocha\ComboFix.exe
Použité ovládací přepínače :: /u
AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\RewardsArcade
c:\program files\RewardsArcade\appAPIinternalWrapper.js
c:\program files\RewardsArcade\fb.js
c:\program files\RewardsArcade\jquery.js
c:\program files\RewardsArcade\json.js
c:\program files\RewardsArcade\RewardsArcade.dll
c:\program files\RewardsArcade\RewardsArcade.exe
c:\program files\RewardsArcade\Uninstall.exe
c:\program files\RewardsArcade\UserConfirmation.exe
c:\windows\msmqinst.log
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-12 do 2012-01-12 )))))))))))))))))))))))))))))))
.
.
2012-01-12 19:26 . 2012-01-12 19:26 -------- d-----w- C:\FOUND.001
2012-01-12 17:53 . 2012-01-12 17:53 -------- d-----w- C:\FOUND.000
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\program files\Ask.com
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\AskToolbar
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\APN
2012-01-09 21:01 . 2012-01-09 21:01 -------- d-----w- C:\rsit
2012-01-08 15:28 . 2012-01-08 15:28 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\RewardsArcade
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\program files\Conduit
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Vuze_Remote
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\program files\Vuze_Remote
2012-01-08 08:14 . 2012-01-08 08:14 -------- d-----w- c:\program files\cGPSmapper
2012-01-05 21:26 . 2012-01-05 21:26 -------- d-----w- C:\Nová složka
2012-01-02 18:47 . 2012-01-02 18:47 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Amazon
2012-01-02 18:47 . 2012-01-02 18:47 -------- d-----w- c:\program files\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 21:57 . 1979-12-31 23:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 1980-01-01 00:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 1979-12-31 23:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 1979-12-31 23:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 1979-12-31 23:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 1979-12-31 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:24 . 1979-12-31 23:00 385024 ------w- c:\windows\system32\html.iec
2011-11-03 15:29 . 1979-12-31 23:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 1979-12-31 23:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 1979-12-31 23:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 07:31 . 2011-10-28 07:31 25248 ----a-w- c:\windows\system32\drivers\AmgHips.sys
2011-10-28 05:32 . 1979-12-31 23:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 08:06 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 1979-12-31 23:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-03-18 17:55 . 2011-03-23 20:23 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-05-09 08:49 176936 ----a-w- c:\program files\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-08-23 20:20 1515688 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-08-23 1515688]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2010-12-25 1794392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\\vptray.exe" [2006-07-17 125072]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-09 18063872]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-03-24 53408]
"TrayServer"="c:\program files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe" [2008-11-13 90112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-08-23 887976]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
RAMASST.lnk - c:\windows\system32\RAMAsst.exe [2009-2-26 167936]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\java.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigMaster.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigWizard.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\EPLAN\\Electric P8\\1.9.11\\BIN\\W3u.exe"=
"c:\\WINDOWS\\System32\\hasplms.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\AMAServer.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 AmgHips;AmgHips;c:\windows\system32\drivers\AmgHips.sys [28.10.2011 8:31 25248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
R2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [16.1.2011 23:29 90112]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [27.8.2011 22:31 246616]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [19.2.2009 19:01 106104]
R3 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [16.1.2011 23:29 12288]
R3 mvd21;mvd21;c:\program files\Clarus\Samsung SecretZone\mvd21.sys [16.1.2011 23:29 64512]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [25.2.2009 20:49 47360]
S3 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
S3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [9.11.2010 22:03 477312]
S3 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [9.11.2010 22:04 348160]
S3 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [9.11.2010 22:04 397312]
S3 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [6.1.2011 13:42 168448]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [3.9.2011 15:34 1527900]
S3 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2336072]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [28.5.2010 13:04 14896]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [17.7.2006 17:38 118928]
S3 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [5.1.2011 3:31 570880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [28.5.2011 15:25 259584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-12 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-23 16:58]
.
2012-01-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-12 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 20:20]
.
2012-01-11 c:\windows\Tasks\Norton Security Scan for Miloš.job
- c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-17 22:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMapsPlugin_4.0.12.11.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://62.168.0.189/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Miloš\Data aplikací\Mozilla\Firefox\Profiles\0fzox30t.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.2&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-RewardsArcade - c:\program files\RewardsArcade\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-12 20:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4036164967-4113303836-1484400983-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1360)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-01-12 20:51:30
ComboFix-quarantined-files.txt 2012-01-12 19:51
.
Před spuštěním: Volných bajtů: 294 120 882 176
Po spuštění: Volných bajtů: 294 284 328 960
.
- - End Of File - - DD74523D25D538945766F75E52867AA2
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\java.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigMaster.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigWizard.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\EPLAN\\Electric P8\\1.9.11\\BIN\\W3u.exe"=
"c:\\WINDOWS\\System32\\hasplms.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\AMAServer.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 AmgHips;AmgHips;c:\windows\system32\drivers\AmgHips.sys [28.10.2011 8:31 25248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
R2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [16.1.2011 23:29 90112]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [27.8.2011 22:31 246616]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [19.2.2009 19:01 106104]
R3 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [16.1.2011 23:29 12288]
R3 mvd21;mvd21;c:\program files\Clarus\Samsung SecretZone\mvd21.sys [16.1.2011 23:29 64512]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [25.2.2009 20:49 47360]
S3 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
S3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [9.11.2010 22:03 477312]
S3 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [9.11.2010 22:04 348160]
S3 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [9.11.2010 22:04 397312]
S3 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [6.1.2011 13:42 168448]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [3.9.2011 15:34 1527900]
S3 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2336072]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [28.5.2010 13:04 14896]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [17.7.2006 17:38 118928]
S3 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [5.1.2011 3:31 570880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [28.5.2011 15:25 259584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-12 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-23 16:58]
.
2012-01-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-12 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 20:20]
.
2012-01-11 c:\windows\Tasks\Norton Security Scan for Miloš.job
- c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-17 22:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMapsPlugin_4.0.12.11.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://62.168.0.189/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Miloš\Data aplikací\Mozilla\Firefox\Profiles\0fzox30t.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.2&q=
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-RewardsArcade - c:\program files\RewardsArcade\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-12 20:49
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4036164967-4113303836-1484400983-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1360)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-01-12 20:51:30
ComboFix-quarantined-files.txt 2012-01-12 19:51
.
Před spuštěním: Volných bajtů: 294 120 882 176
Po spuštění: Volných bajtů: 294 284 328 960
.
- - End Of File - - DD74523D25D538945766F75E52867AA2
Re: Requesting a preventive check, IE8 sometimes cannot be closed
If you have not done so yet, move ComboFix to the desktop
open Notepad
copy the script from the following window into it:
save the TXT file you created as CFScript.txt on the desktop,
after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it:

After it has been applied, another log will pop out; copy it here
Warning: it may happen that after applying the script and restarting, Windows will not boot;
in that case restart again while pressing F8, then choose Last Known Good Configuration
File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
Folder::
C:\FOUND.001
C:\FOUND.000
c:\program files\Ask.com
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\documents and settings\Miloš\Local Settings\Data aplikací\AskToolbar
c:\documents and settings\Miloš\Local Settings\Data aplikací\APN
c:\documents and settings\Miloš\Local Settings\Data aplikací\RewardsArcade
c:\program files\Conduit
c:\documents and settings\Miloš\Local Settings\Data aplikací\Vuze_Remote
c:\program files\Vuze_Remote
Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BA14329E-9550-4989-B3F2-9732E92D17CC}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnUpdater"=-
FireFox::
FF - ProfilePath - c:\documents and settings\Miloš\Data aplikací\Mozilla\Firefox\Profiles\0fzox30t.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... r=1.4.2&q=
Re: Requesting a preventive check, IE8 sometimes cannot be closed
I did everything according to the instructions, but no log was created.
The problems with WinIE8 have disappeared. Thanks for the help
Re: Requesting a preventive check, IE8 sometimes cannot be closed
Now wait, wait, I would still like to see that log.
miloš wrote: I did everything according to the instructions, but no log was created.
The problems with WinIE8 have disappeared. Thanks for the help
If it did not show up automatically, you will find it at C:/Combofix.txt
Re: Requesting a preventive check, IE8 sometimes cannot be closed
The log was generated only after the second run of ComboFix, here it is:
ComboFix 12-01-15.01 - Miloš 15.01.2012 10:38:13.10.4 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2577 [GMT 1:00]
Spuštěný z: c:\documents and settings\Miloš\Plocha\ComboFix.exe
Použité ovládací přepínače :: /u
AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\WindowsUpdate.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-15 do 2012-01-15 )))))))))))))))))))))))))))))))
.
.
2012-01-15 09:27 . 2012-01-15 09:27 -------- d-----w- C:\FOUND.004
2012-01-13 22:02 . 2012-01-13 22:02 -------- d-----w- C:\FOUND.003
2012-01-13 21:23 . 2012-01-13 21:23 -------- d-----w- c:\program files\GoldWave
2012-01-13 20:35 . 2012-01-13 20:35 -------- d--h--w- c:\windows\ie8
2012-01-13 20:12 . 2012-01-13 20:12 -------- d-----w- C:\FOUND.002
2012-01-13 16:54 . 2012-01-13 16:54 512 ----a-w- C:\PhysicalMBR.bin
2012-01-12 20:51 . 2012-01-12 20:51 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Linkury
2012-01-12 20:51 . 2012-01-12 20:51 -------- d-----w- c:\program files\CrystalDiskInfo
2012-01-12 20:51 . 2012-01-12 20:51 -------- d-----w- c:\documents and settings\Miloš\Data aplikací\OpenCandy
2012-01-12 19:26 . 2012-01-12 19:26 -------- d-----w- C:\FOUND.001
2012-01-12 17:53 . 2012-01-12 17:53 -------- d-----w- C:\FOUND.000
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\program files\Ask.com
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\AskToolbar
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\APN
2012-01-09 21:01 . 2012-01-09 21:01 -------- d-----w- C:\rsit
2012-01-08 15:28 . 2012-01-08 15:28 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\RewardsArcade
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\program files\Conduit
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Vuze_Remote
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\program files\Vuze_Remote
2012-01-08 08:14 . 2012-01-08 08:14 -------- d-----w- c:\program files\cGPSmapper
2012-01-05 21:26 . 2012-01-05 21:26 -------- d-----w- C:\Nová složka
2012-01-02 18:47 . 2012-01-02 18:47 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Amazon
2012-01-02 18:47 . 2012-01-02 18:47 -------- d-----w- c:\program files\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 21:57 . 1979-12-31 23:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 1980-01-01 00:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 1979-12-31 23:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 1979-12-31 23:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 1979-12-31 23:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 1979-12-31 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:24 . 1979-12-31 23:00 385024 ------w- c:\windows\system32\html.iec
2011-11-03 15:29 . 1979-12-31 23:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 1979-12-31 23:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 1979-12-31 23:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 07:31 . 2011-10-28 07:31 25248 ----a-w- c:\windows\system32\drivers\AmgHips.sys
2011-10-28 05:32 . 1979-12-31 23:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 08:06 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 1979-12-31 23:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-03-18 17:55 . 2011-03-23 20:23 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-12_19.49.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-25 16:57 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2008-07-08 12:59 18296 c:\windows\ie8updates\KB982381-IE8\spmsg.dll
- 2011-11-25 16:57 . 2008-07-08 13:59 18296 c:\windows\ie8updates\KB982381-IE8\spmsg.dll
- 2011-11-25 16:57 . 2008-07-08 13:59 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll
+ 2012-01-13 20:37 . 2008-07-08 12:59 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll
+ 2012-01-13 20:37 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
- 2011-11-25 16:57 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2012-01-13 20:37 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
- 2011-11-25 16:57 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 18296 c:\windows\ie8updates\KB2618444-IE8\spmsg.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 26488 c:\windows\ie8updates\KB2618444-IE8\spcustom.dll
+ 2012-01-13 20:37 . 2009-03-08 03:31 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 43008 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 18296 c:\windows\ie8updates\KB2598845-IE8\spmsg.dll
+ 2012-01-13 20:37 . 2010-02-22 14:20 26488 c:\windows\ie8updates\KB2598845-IE8\spcustom.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 18296 c:\windows\ie8updates\KB2544521-IE8\spmsg.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 18296 c:\windows\ie8updates\KB2544521-IE8\spmsg.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 26488 c:\windows\ie8updates\KB2544521-IE8\spcustom.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 26488 c:\windows\ie8updates\KB2544521-IE8\spcustom.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 18296 c:\windows\ie8updates\KB2510531-IE8\spmsg.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 18296 c:\windows\ie8updates\KB2510531-IE8\spmsg.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 26488 c:\windows\ie8updates\KB2510531-IE8\spcustom.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 26488 c:\windows\ie8updates\KB2510531-IE8\spcustom.dll
+ 2012-01-13 20:36 . 2009-03-08 15:57 58448 c:\windows\ie8\spuninst\iecustom.dll
- 2011-11-25 16:57 . 2009-03-08 15:57 58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 44544 c:\windows\ie8\pngfilt.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 44544 c:\windows\ie8\pngfilt.dll
- 2011-11-25 16:55 . 2007-08-13 17:01 48128 c:\windows\ie8\mshtmler.dll
+ 2012-01-13 20:35 . 2007-08-13 17:01 48128 c:\windows\ie8\mshtmler.dll
+ 2012-01-13 20:35 . 2007-08-13 17:32 45568 c:\windows\ie8\mshta.exe
- 2011-11-25 16:55 . 2007-08-13 17:32 45568 c:\windows\ie8\mshta.exe
+ 2012-01-13 20:35 . 2007-08-13 17:36 12288 c:\windows\ie8\msfeedssync.exe
- 2011-11-25 16:55 . 2007-08-13 17:36 12288 c:\windows\ie8\msfeedssync.exe
- 2011-11-25 16:55 . 2009-04-29 05:47 52224 c:\windows\ie8\msfeedsbs.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 52224 c:\windows\ie8\msfeedsbs.dll
+ 2012-01-13 20:35 . 2007-08-13 17:44 40960 c:\windows\ie8\licmgr10.dll
- 2011-11-25 16:55 . 2007-08-13 17:44 40960 c:\windows\ie8\licmgr10.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 27648 c:\windows\ie8\jsproxy.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 27648 c:\windows\ie8\jsproxy.dll
- 2011-11-25 16:55 . 2007-08-13 17:39 92672 c:\windows\ie8\inseng.dll
+ 2012-01-13 20:35 . 2007-08-13 17:39 92672 c:\windows\ie8\inseng.dll
+ 2012-01-13 20:35 . 2007-08-13 17:36 36352 c:\windows\ie8\imgutil.dll
- 2011-11-25 16:55 . 2007-08-13 17:36 36352 c:\windows\ie8\imgutil.dll
- 2011-11-25 16:55 . 2007-08-13 17:39 55296 c:\windows\ie8\iesetup.dll
+ 2012-01-13 20:35 . 2007-08-13 17:39 55296 c:\windows\ie8\iesetup.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 44544 c:\windows\ie8\iernonce.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 44544 c:\windows\ie8\iernonce.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 78336 c:\windows\ie8\ieencode.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 78336 c:\windows\ie8\ieencode.dll
- 2011-11-25 16:55 . 2009-04-28 10:04 70656 c:\windows\ie8\ie4uinit.exe
+ 2012-01-13 20:35 . 2009-04-28 10:04 70656 c:\windows\ie8\ie4uinit.exe
- 2011-11-25 16:55 . 2009-04-29 05:47 63488 c:\windows\ie8\icardie.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 63488 c:\windows\ie8\icardie.dll
+ 2012-01-13 20:35 . 2007-08-13 17:18 60416 c:\windows\ie8\hmmapi.dll
- 2011-11-25 16:55 . 2007-08-13 17:18 60416 c:\windows\ie8\hmmapi.dll
- 2011-11-25 16:55 . 2008-04-14 13:00 35328 c:\windows\ie8\corpol.dll
+ 2012-01-13 20:35 . 2008-04-14 13:00 35328 c:\windows\ie8\corpol.dll
+ 2012-01-13 20:35 . 2007-08-13 17:39 71680 c:\windows\ie8\admparse.dll
- 2011-11-25 16:55 . 2007-08-13 17:39 71680 c:\windows\ie8\admparse.dll
+ 2012-01-13 20:37 . 2009-03-08 03:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
- 2011-11-25 16:58 . 2009-03-08 03:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
+ 2009-04-07 05:12 . 2012-01-15 09:30 217615 c:\windows\system32\inetsrv\MetaBase.bin
+ 2012-01-12 20:51 . 2012-01-12 20:51 986624 c:\windows\Installer\54db1a.msi
- 2011-11-25 16:57 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
- 2011-11-25 16:57 . 2010-02-22 15:21 391032 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
- 2011-11-25 16:57 . 2009-05-26 12:40 759160 c:\windows\ie8updates\KB982381-IE8\update.exe
+ 2012-01-13 20:37 . 2009-05-26 11:40 759160 c:\windows\ie8updates\KB982381-IE8\update.exe
- 2011-11-25 16:57 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
- 2011-11-25 16:57 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2012-01-13 20:37 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
- 2011-11-25 16:57 . 2008-07-08 13:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
+ 2012-01-13 20:37 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
+ 2012-01-13 20:37 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
- 2011-11-25 16:57 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
- 2011-11-25 16:57 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
- 2011-11-25 16:57 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
- 2011-11-25 16:57 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2012-01-13 20:37 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2012-01-13 20:37 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
- 2011-11-25 16:57 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2012-01-13 20:37 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
- 2011-11-25 16:57 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
- 2011-11-25 16:57 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
- 2011-11-25 16:57 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2012-01-13 20:37 . 2010-05-06 10:35 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\updspapi.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 759160 c:\windows\ie8updates\KB2618444-IE8\update.exe
+ 2012-01-13 20:37 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
- 2011-12-15 22:41 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
- 2011-12-15 22:41 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2012-01-13 20:37 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst.exe
- 2011-12-15 22:41 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 599040 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 759160 c:\windows\ie8updates\KB2598845-IE8\update.exe
- 2011-11-25 16:58 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
- 2011-11-25 16:58 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
+ 2012-01-13 20:37 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst.exe
+ 2012-01-13 22:07 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
- 2011-11-25 17:20 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 391032 c:\windows\ie8updates\KB2544521-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2544521-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 759160 c:\windows\ie8updates\KB2544521-IE8\update.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 759160 c:\windows\ie8updates\KB2544521-IE8\update.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
- 2011-11-25 17:20 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst.exe
- 2011-11-25 17:20 . 2009-03-08 03:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2012-01-13 22:07 . 2009-03-08 03:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 391032 c:\windows\ie8updates\KB2510531-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2510531-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 759160 c:\windows\ie8updates\KB2510531-IE8\update.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 759160 c:\windows\ie8updates\KB2510531-IE8\update.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
- 2011-11-25 17:20 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst.exe
+ 2012-01-13 22:07 . 2009-03-08 03:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
- 2011-11-25 17:20 . 2009-03-08 03:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 827392 c:\windows\ie8\wininet.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 827392 c:\windows\ie8\wininet.dll
- 2011-11-25 16:55 . 2007-08-13 17:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2012-01-13 20:35 . 2007-08-13 17:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2012-01-13 20:35 . 2009-04-29 05:47 233472 c:\windows\ie8\webcheck.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 233472 c:\windows\ie8\webcheck.dll
- 2011-11-25 16:55 . 2008-05-27 17:26 765952 c:\windows\ie8\vgx.dll
+ 2012-01-13 20:35 . 2008-05-27 17:26 765952 c:\windows\ie8\vgx.dll
- 2011-11-25 16:55 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll
+ 2012-01-13 20:35 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 105984 c:\windows\ie8\url.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 105984 c:\windows\ie8\url.dll
- 2011-11-25 16:57 . 2009-01-07 17:20 390688 c:\windows\ie8\spuninst\updspapi.dll
+ 2012-01-13 20:36 . 2009-01-07 17:20 390688 c:\windows\ie8\spuninst\updspapi.dll
- 2011-11-25 16:57 . 2009-01-07 17:20 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2012-01-13 20:36 . 2009-01-07 17:20 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2012-01-13 20:35 . 2006-09-06 16:42 215776 c:\windows\ie8\spuninst.exe
- 2011-11-25 16:55 . 2006-09-06 16:42 215776 c:\windows\ie8\spuninst.exe
+ 2012-01-13 20:35 . 2009-04-29 05:47 102912 c:\windows\ie8\occache.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 102912 c:\windows\ie8\occache.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 671232 c:\windows\ie8\mstime.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 671232 c:\windows\ie8\mstime.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 193024 c:\windows\ie8\msrating.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 193024 c:\windows\ie8\msrating.dll
- 2011-11-25 16:55 . 2007-08-13 17:54 156160 c:\windows\ie8\msls31.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 156160 c:\windows\ie8\msls31.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 477696 c:\windows\ie8\mshtmled.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 477696 c:\windows\ie8\mshtmled.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 459264 c:\windows\ie8\msfeeds.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 459264 c:\windows\ie8\msfeeds.dll
- 2011-11-25 16:55 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll
+ 2012-01-13 20:35 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll
+ 2012-01-13 20:35 . 2009-04-25 06:27 636088 c:\windows\ie8\iexplore.exe
- 2011-11-25 16:55 . 2009-04-25 06:27 636088 c:\windows\ie8\iexplore.exe
- 2011-11-25 16:55 . 2007-08-13 17:54 180736 c:\windows\ie8\ieui.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 180736 c:\windows\ie8\ieui.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 268288 c:\windows\ie8\iertutil.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 268288 c:\windows\ie8\iertutil.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 287744 c:\windows\ie8\ieproxy.dll
- 2011-11-25 16:55 . 2007-08-13 17:54 287744 c:\windows\ie8\ieproxy.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 191488 c:\windows\ie8\iepeers.dll
- 2011-11-25 16:55 . 2007-08-13 17:54 191488 c:\windows\ie8\iepeers.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 385024 c:\windows\ie8\iedkcs32.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 385024 c:\windows\ie8\iedkcs32.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 383488 c:\windows\ie8\ieapfltr.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 383488 c:\windows\ie8\ieapfltr.dll
- 2011-11-25 16:55 . 2009-04-25 06:26 161792 c:\windows\ie8\ieakui.dll
+ 2012-01-13 20:35 . 2009-04-25 06:26 161792 c:\windows\ie8\ieakui.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 230400 c:\windows\ie8\ieaksie.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 230400 c:\windows\ie8\ieaksie.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 153088 c:\windows\ie8\ieakeng.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 153088 c:\windows\ie8\ieakeng.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 214528 c:\windows\ie8\dxtrans.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 214528 c:\windows\ie8\dxtrans.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 347136 c:\windows\ie8\dxtmsft.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 347136 c:\windows\ie8\dxtmsft.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 124928 c:\windows\ie8\advpack.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 124928 c:\windows\ie8\advpack.dll
+ 2012-01-12 20:51 . 2012-01-12 20:51 145208 c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
+ 2012-01-12 20:51 . 2012-01-12 20:51 910648 c:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
+ 2012-01-12 20:51 . 2012-01-12 20:51 124728 c:\windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
- 2011-11-25 16:57 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2012-01-13 20:37 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
- 2011-11-25 16:57 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
- 2011-11-25 16:57 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 1209344 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 5950976 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 1985536 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 1159680 c:\windows\ie8\urlmon.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 1159680 c:\windows\ie8\urlmon.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 3596288 c:\windows\ie8\mshtml.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 3596288 c:\windows\ie8\mshtml.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 6066176 c:\windows\ie8\ieframe.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 6066176 c:\windows\ie8\ieframe.dll
+ 2012-01-13 20:35 . 2008-07-09 15:25 2455488 c:\windows\ie8\ieapfltr.dat
- 2011-11-25 16:55 . 2008-07-09 15:25 2455488 c:\windows\ie8\ieapfltr.dat
+ 2012-01-12 20:51 . 2012-01-12 20:51 8013664 c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
- 2011-11-25 16:57 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2012-01-13 20:37 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 11076096 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2009-11-07 00:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2010-12-25 1794392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\\vptray.exe" [2006-07-17 125072]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-09 18063872]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-03-24 53408]
"TrayServer"="c:\program files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe" [2008-11-13 90112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-12 273528]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
RAMASST.lnk - c:\windows\system32\RAMAsst.exe [2009-2-26 167936]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\java.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigMaster.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigWizard.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\EPLAN\\Electric P8\\1.9.11\\BIN\\W3u.exe"=
"c:\\WINDOWS\\System32\\hasplms.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\AMAServer.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R?2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
R1 AmgHips;AmgHips;c:\windows\system32\drivers\AmgHips.sys [28.10.2011 8:31 25248]
R2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [16.1.2011 23:29 90112]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [27.8.2011 22:31 246616]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [19.2.2009 19:01 106104]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [25.2.2009 20:49 47360]
S3 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
S3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [9.11.2010 22:03 477312]
S3 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [9.11.2010 22:04 348160]
S3 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [9.11.2010 22:04 397312]
S3 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [6.1.2011 13:42 168448]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [3.9.2011 15:34 1527900]
S3 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [16.1.2011 23:29 12288]
S3 mvd21;mvd21;c:\program files\Clarus\Samsung SecretZone\mvd21.sys [16.1.2011 23:29 64512]
S3 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2336072]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [28.5.2010 13:04 14896]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [17.7.2006 17:38 118928]
S3 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [5.1.2011 3:31 570880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [28.5.2011 15:25 259584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-15 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-23 16:58]
.
2012-01-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-15 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-15 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 20:20]
.
2012-01-14 c:\windows\Tasks\Norton Security Scan for Miloš.job
- c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-17 22:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMapsPlugin_4.0.12.11.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://62.168.0.189/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Miloš\Data aplikací\Mozilla\Firefox\Profiles\0fzox30t.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.linkury.com
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-15 10:52
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4036164967-4113303836-1484400983-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(6904)
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SNDSrvc.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\progra~1\SYMANT~1\vptray.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\windows\System32\DVDRAMSV.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\hasplms.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-01-15 10:53:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-15 09:53
.
Před spuštěním: Volných bajtů: 292 671 717 376
Po spuštění: Volných bajtů: 292 745 281 536
.
- - End Of File - - C9F941A194C4CF7B08EA22F4CF064A7E
ComboFix 12-01-15.01 - Miloš 15.01.2012 10:38:13.10.4 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2577 [GMT 1:00]
Spuštěný z: c:\documents and settings\Miloš\Plocha\ComboFix.exe
Použité ovládací přepínače :: /u
AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\WindowsUpdate.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-15 do 2012-01-15 )))))))))))))))))))))))))))))))
.
.
2012-01-15 09:27 . 2012-01-15 09:27 -------- d-----w- C:\FOUND.004
2012-01-13 22:02 . 2012-01-13 22:02 -------- d-----w- C:\FOUND.003
2012-01-13 21:23 . 2012-01-13 21:23 -------- d-----w- c:\program files\GoldWave
2012-01-13 20:35 . 2012-01-13 20:35 -------- d--h--w- c:\windows\ie8
2012-01-13 20:12 . 2012-01-13 20:12 -------- d-----w- C:\FOUND.002
2012-01-13 16:54 . 2012-01-13 16:54 512 ----a-w- C:\PhysicalMBR.bin
2012-01-12 20:51 . 2012-01-12 20:51 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Linkury
2012-01-12 20:51 . 2012-01-12 20:51 -------- d-----w- c:\program files\CrystalDiskInfo
2012-01-12 20:51 . 2012-01-12 20:51 -------- d-----w- c:\documents and settings\Miloš\Data aplikací\OpenCandy
2012-01-12 19:26 . 2012-01-12 19:26 -------- d-----w- C:\FOUND.001
2012-01-12 17:53 . 2012-01-12 17:53 -------- d-----w- C:\FOUND.000
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\program files\Ask.com
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\AskToolbar
2012-01-11 20:29 . 2012-01-11 20:29 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\APN
2012-01-09 21:01 . 2012-01-09 21:01 -------- d-----w- C:\rsit
2012-01-08 15:28 . 2012-01-08 15:28 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\RewardsArcade
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\program files\Conduit
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Vuze_Remote
2012-01-08 15:27 . 2012-01-08 15:27 -------- d-----w- c:\program files\Vuze_Remote
2012-01-08 08:14 . 2012-01-08 08:14 -------- d-----w- c:\program files\cGPSmapper
2012-01-05 21:26 . 2012-01-05 21:26 -------- d-----w- C:\Nová složka
2012-01-02 18:47 . 2012-01-02 18:47 -------- d-----w- c:\documents and settings\Miloš\Local Settings\Data aplikací\Amazon
2012-01-02 18:47 . 2012-01-02 18:47 -------- d-----w- c:\program files\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 21:57 . 1979-12-31 23:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 1980-01-01 00:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 1979-12-31 23:00 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 1979-12-31 23:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 1979-12-31 23:00 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 1979-12-31 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:24 . 1979-12-31 23:00 385024 ------w- c:\windows\system32\html.iec
2011-11-03 15:29 . 1979-12-31 23:00 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:29 . 1979-12-31 23:00 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07 . 1979-12-31 23:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 07:31 . 2011-10-28 07:31 25248 ----a-w- c:\windows\system32\drivers\AmgHips.sys
2011-10-28 05:32 . 1979-12-31 23:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2008-04-14 08:06 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 1979-12-31 23:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-03-18 17:55 . 2011-03-23 20:23 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-12_19.49.32 )))))))))))))))))))))))))))))))))))))))))
.
- 2011-11-25 16:57 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2009-03-08 03:33 12288 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2008-07-08 12:59 18296 c:\windows\ie8updates\KB982381-IE8\spmsg.dll
- 2011-11-25 16:57 . 2008-07-08 13:59 18296 c:\windows\ie8updates\KB982381-IE8\spmsg.dll
- 2011-11-25 16:57 . 2008-07-08 13:59 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll
+ 2012-01-13 20:37 . 2008-07-08 12:59 26488 c:\windows\ie8updates\KB982381-IE8\spcustom.dll
+ 2012-01-13 20:37 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
- 2011-11-25 16:57 . 2009-03-08 03:31 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2012-01-13 20:37 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
- 2011-11-25 16:57 . 2009-03-08 03:33 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 18296 c:\windows\ie8updates\KB2618444-IE8\spmsg.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 26488 c:\windows\ie8updates\KB2618444-IE8\spcustom.dll
+ 2012-01-13 20:37 . 2009-03-08 03:31 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 43008 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 18296 c:\windows\ie8updates\KB2598845-IE8\spmsg.dll
+ 2012-01-13 20:37 . 2010-02-22 14:20 26488 c:\windows\ie8updates\KB2598845-IE8\spcustom.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 18296 c:\windows\ie8updates\KB2544521-IE8\spmsg.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 18296 c:\windows\ie8updates\KB2544521-IE8\spmsg.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 26488 c:\windows\ie8updates\KB2544521-IE8\spcustom.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 26488 c:\windows\ie8updates\KB2544521-IE8\spcustom.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 18296 c:\windows\ie8updates\KB2510531-IE8\spmsg.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 18296 c:\windows\ie8updates\KB2510531-IE8\spmsg.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 26488 c:\windows\ie8updates\KB2510531-IE8\spcustom.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 26488 c:\windows\ie8updates\KB2510531-IE8\spcustom.dll
+ 2012-01-13 20:36 . 2009-03-08 15:57 58448 c:\windows\ie8\spuninst\iecustom.dll
- 2011-11-25 16:57 . 2009-03-08 15:57 58448 c:\windows\ie8\spuninst\iecustom.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 44544 c:\windows\ie8\pngfilt.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 44544 c:\windows\ie8\pngfilt.dll
- 2011-11-25 16:55 . 2007-08-13 17:01 48128 c:\windows\ie8\mshtmler.dll
+ 2012-01-13 20:35 . 2007-08-13 17:01 48128 c:\windows\ie8\mshtmler.dll
+ 2012-01-13 20:35 . 2007-08-13 17:32 45568 c:\windows\ie8\mshta.exe
- 2011-11-25 16:55 . 2007-08-13 17:32 45568 c:\windows\ie8\mshta.exe
+ 2012-01-13 20:35 . 2007-08-13 17:36 12288 c:\windows\ie8\msfeedssync.exe
- 2011-11-25 16:55 . 2007-08-13 17:36 12288 c:\windows\ie8\msfeedssync.exe
- 2011-11-25 16:55 . 2009-04-29 05:47 52224 c:\windows\ie8\msfeedsbs.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 52224 c:\windows\ie8\msfeedsbs.dll
+ 2012-01-13 20:35 . 2007-08-13 17:44 40960 c:\windows\ie8\licmgr10.dll
- 2011-11-25 16:55 . 2007-08-13 17:44 40960 c:\windows\ie8\licmgr10.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 27648 c:\windows\ie8\jsproxy.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 27648 c:\windows\ie8\jsproxy.dll
- 2011-11-25 16:55 . 2007-08-13 17:39 92672 c:\windows\ie8\inseng.dll
+ 2012-01-13 20:35 . 2007-08-13 17:39 92672 c:\windows\ie8\inseng.dll
+ 2012-01-13 20:35 . 2007-08-13 17:36 36352 c:\windows\ie8\imgutil.dll
- 2011-11-25 16:55 . 2007-08-13 17:36 36352 c:\windows\ie8\imgutil.dll
- 2011-11-25 16:55 . 2007-08-13 17:39 55296 c:\windows\ie8\iesetup.dll
+ 2012-01-13 20:35 . 2007-08-13 17:39 55296 c:\windows\ie8\iesetup.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 44544 c:\windows\ie8\iernonce.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 44544 c:\windows\ie8\iernonce.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 78336 c:\windows\ie8\ieencode.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 78336 c:\windows\ie8\ieencode.dll
- 2011-11-25 16:55 . 2009-04-28 10:04 70656 c:\windows\ie8\ie4uinit.exe
+ 2012-01-13 20:35 . 2009-04-28 10:04 70656 c:\windows\ie8\ie4uinit.exe
- 2011-11-25 16:55 . 2009-04-29 05:47 63488 c:\windows\ie8\icardie.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 63488 c:\windows\ie8\icardie.dll
+ 2012-01-13 20:35 . 2007-08-13 17:18 60416 c:\windows\ie8\hmmapi.dll
- 2011-11-25 16:55 . 2007-08-13 17:18 60416 c:\windows\ie8\hmmapi.dll
- 2011-11-25 16:55 . 2008-04-14 13:00 35328 c:\windows\ie8\corpol.dll
+ 2012-01-13 20:35 . 2008-04-14 13:00 35328 c:\windows\ie8\corpol.dll
+ 2012-01-13 20:35 . 2007-08-13 17:39 71680 c:\windows\ie8\admparse.dll
- 2011-11-25 16:55 . 2007-08-13 17:39 71680 c:\windows\ie8\admparse.dll
+ 2012-01-13 20:37 . 2009-03-08 03:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
- 2011-11-25 16:58 . 2009-03-08 03:35 2048 c:\windows\ie8updates\KB2598845-IE8\iecompat.dll
+ 2009-04-07 05:12 . 2012-01-15 09:30 217615 c:\windows\system32\inetsrv\MetaBase.bin
+ 2012-01-12 20:51 . 2012-01-12 20:51 986624 c:\windows\Installer\54db1a.msi
- 2011-11-25 16:57 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 914944 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
- 2011-11-25 16:57 . 2010-02-22 15:21 391032 c:\windows\ie8updates\KB982381-IE8\updspapi.dll
- 2011-11-25 16:57 . 2009-05-26 12:40 759160 c:\windows\ie8updates\KB982381-IE8\update.exe
+ 2012-01-13 20:37 . 2009-05-26 11:40 759160 c:\windows\ie8updates\KB982381-IE8\update.exe
- 2011-11-25 16:57 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
- 2011-11-25 16:57 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2012-01-13 20:37 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
- 2011-11-25 16:57 . 2008-07-08 13:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
+ 2012-01-13 20:37 . 2008-07-08 12:59 233848 c:\windows\ie8updates\KB982381-IE8\spuninst.exe
+ 2012-01-13 20:37 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
- 2011-11-25 16:57 . 2009-03-08 03:34 109568 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
- 2011-11-25 16:57 . 2009-03-08 03:32 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
- 2011-11-25 16:57 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
- 2011-11-25 16:57 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2012-01-13 20:37 . 2009-03-08 03:33 246784 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2012-01-13 20:37 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
- 2011-11-25 16:57 . 2009-03-08 03:31 183808 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2012-01-13 20:37 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
- 2011-11-25 16:57 . 2009-03-08 03:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
- 2011-11-25 16:57 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2009-03-08 13:09 391536 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
- 2011-11-25 16:57 . 2009-03-08 03:32 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2012-01-13 20:37 . 2010-05-06 10:35 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\updspapi.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 759160 c:\windows\ie8updates\KB2618444-IE8\update.exe
+ 2012-01-13 20:37 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
- 2011-12-15 22:41 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
- 2011-12-15 22:41 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2012-01-13 20:37 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst.exe
- 2011-12-15 22:41 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 599040 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
- 2011-12-15 22:41 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2012-01-13 20:37 . 2010-05-05 13:30 173056 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 759160 c:\windows\ie8updates\KB2598845-IE8\update.exe
- 2011-11-25 16:58 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 391032 c:\windows\ie8updates\KB2598845-IE8\spuninst\updspapi.dll
+ 2012-01-13 20:37 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
- 2011-11-25 16:58 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst\spuninst.exe
+ 2012-01-13 20:37 . 2010-02-22 14:21 233848 c:\windows\ie8updates\KB2598845-IE8\spuninst.exe
+ 2012-01-13 22:07 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
- 2011-11-25 17:20 . 2009-03-08 03:33 759296 c:\windows\ie8updates\KB2544521-IE8\vgx.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 391032 c:\windows\ie8updates\KB2544521-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2544521-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 759160 c:\windows\ie8updates\KB2544521-IE8\update.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 759160 c:\windows\ie8updates\KB2544521-IE8\update.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
- 2011-11-25 17:20 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2544521-IE8\spuninst\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst\spuninst.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 233848 c:\windows\ie8updates\KB2544521-IE8\spuninst.exe
- 2011-11-25 17:20 . 2009-03-08 03:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2012-01-13 22:07 . 2009-03-08 03:33 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
- 2011-11-25 17:20 . 2010-07-05 14:13 391032 c:\windows\ie8updates\KB2510531-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2510531-IE8\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 759160 c:\windows\ie8updates\KB2510531-IE8\update.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 759160 c:\windows\ie8updates\KB2510531-IE8\update.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
- 2011-11-25 17:20 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
- 2011-11-25 17:20 . 2010-07-05 14:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst.exe
+ 2012-01-13 22:07 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2510531-IE8\spuninst.exe
+ 2012-01-13 22:07 . 2009-03-08 03:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
- 2011-11-25 17:20 . 2009-03-08 03:33 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 827392 c:\windows\ie8\wininet.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 827392 c:\windows\ie8\wininet.dll
- 2011-11-25 16:55 . 2007-08-13 17:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2012-01-13 20:35 . 2007-08-13 17:45 206336 c:\windows\ie8\winfxdocobj.exe
+ 2012-01-13 20:35 . 2009-04-29 05:47 233472 c:\windows\ie8\webcheck.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 233472 c:\windows\ie8\webcheck.dll
- 2011-11-25 16:55 . 2008-05-27 17:26 765952 c:\windows\ie8\vgx.dll
+ 2012-01-13 20:35 . 2008-05-27 17:26 765952 c:\windows\ie8\vgx.dll
- 2011-11-25 16:55 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll
+ 2012-01-13 20:35 . 2008-05-09 10:56 430080 c:\windows\ie8\vbscript.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 105984 c:\windows\ie8\url.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 105984 c:\windows\ie8\url.dll
- 2011-11-25 16:57 . 2009-01-07 17:20 390688 c:\windows\ie8\spuninst\updspapi.dll
+ 2012-01-13 20:36 . 2009-01-07 17:20 390688 c:\windows\ie8\spuninst\updspapi.dll
- 2011-11-25 16:57 . 2009-01-07 17:20 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2012-01-13 20:36 . 2009-01-07 17:20 234016 c:\windows\ie8\spuninst\spuninst.exe
+ 2012-01-13 20:35 . 2006-09-06 16:42 215776 c:\windows\ie8\spuninst.exe
- 2011-11-25 16:55 . 2006-09-06 16:42 215776 c:\windows\ie8\spuninst.exe
+ 2012-01-13 20:35 . 2009-04-29 05:47 102912 c:\windows\ie8\occache.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 102912 c:\windows\ie8\occache.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 671232 c:\windows\ie8\mstime.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 671232 c:\windows\ie8\mstime.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 193024 c:\windows\ie8\msrating.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 193024 c:\windows\ie8\msrating.dll
- 2011-11-25 16:55 . 2007-08-13 17:54 156160 c:\windows\ie8\msls31.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 156160 c:\windows\ie8\msls31.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 477696 c:\windows\ie8\mshtmled.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 477696 c:\windows\ie8\mshtmled.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 459264 c:\windows\ie8\msfeeds.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 459264 c:\windows\ie8\msfeeds.dll
- 2011-11-25 16:55 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll
+ 2012-01-13 20:35 . 2008-05-09 10:56 512000 c:\windows\ie8\jscript.dll
+ 2012-01-13 20:35 . 2009-04-25 06:27 636088 c:\windows\ie8\iexplore.exe
- 2011-11-25 16:55 . 2009-04-25 06:27 636088 c:\windows\ie8\iexplore.exe
- 2011-11-25 16:55 . 2007-08-13 17:54 180736 c:\windows\ie8\ieui.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 180736 c:\windows\ie8\ieui.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 268288 c:\windows\ie8\iertutil.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 268288 c:\windows\ie8\iertutil.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 287744 c:\windows\ie8\ieproxy.dll
- 2011-11-25 16:55 . 2007-08-13 17:54 287744 c:\windows\ie8\ieproxy.dll
+ 2012-01-13 20:35 . 2007-08-13 17:54 191488 c:\windows\ie8\iepeers.dll
- 2011-11-25 16:55 . 2007-08-13 17:54 191488 c:\windows\ie8\iepeers.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 385024 c:\windows\ie8\iedkcs32.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 385024 c:\windows\ie8\iedkcs32.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 383488 c:\windows\ie8\ieapfltr.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 383488 c:\windows\ie8\ieapfltr.dll
- 2011-11-25 16:55 . 2009-04-25 06:26 161792 c:\windows\ie8\ieakui.dll
+ 2012-01-13 20:35 . 2009-04-25 06:26 161792 c:\windows\ie8\ieakui.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 230400 c:\windows\ie8\ieaksie.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 230400 c:\windows\ie8\ieaksie.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 153088 c:\windows\ie8\ieakeng.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 153088 c:\windows\ie8\ieakeng.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 214528 c:\windows\ie8\dxtrans.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 214528 c:\windows\ie8\dxtrans.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 347136 c:\windows\ie8\dxtmsft.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 347136 c:\windows\ie8\dxtmsft.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 124928 c:\windows\ie8\advpack.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 124928 c:\windows\ie8\advpack.dll
+ 2012-01-12 20:51 . 2012-01-12 20:51 145208 c:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
+ 2012-01-12 20:51 . 2012-01-12 20:51 910648 c:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
+ 2012-01-12 20:51 . 2012-01-12 20:51 124728 c:\windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll
+ 2012-01-13 20:37 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
- 2011-11-25 16:57 . 2009-03-08 03:34 1206784 c:\windows\ie8updates\KB982381-IE8\urlmon.dll
+ 2012-01-13 20:37 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
- 2011-11-25 16:57 . 2009-03-08 03:41 5937152 c:\windows\ie8updates\KB982381-IE8\mshtml.dll
+ 2012-01-13 20:37 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
- 2011-11-25 16:57 . 2009-03-08 03:32 1985024 c:\windows\ie8updates\KB982381-IE8\iertutil.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 1209344 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 5950976 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 1985536 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 1159680 c:\windows\ie8\urlmon.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 1159680 c:\windows\ie8\urlmon.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 3596288 c:\windows\ie8\mshtml.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 3596288 c:\windows\ie8\mshtml.dll
+ 2012-01-13 20:35 . 2009-04-29 05:47 6066176 c:\windows\ie8\ieframe.dll
- 2011-11-25 16:55 . 2009-04-29 05:47 6066176 c:\windows\ie8\ieframe.dll
+ 2012-01-13 20:35 . 2008-07-09 15:25 2455488 c:\windows\ie8\ieapfltr.dat
- 2011-11-25 16:55 . 2008-07-09 15:25 2455488 c:\windows\ie8\ieapfltr.dat
+ 2012-01-12 20:51 . 2012-01-12 20:51 8013664 c:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
- 2011-11-25 16:57 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2012-01-13 20:37 . 2009-03-08 03:39 11063808 c:\windows\ie8updates\KB982381-IE8\ieframe.dll
+ 2012-01-13 20:37 . 2010-05-06 10:35 11076096 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2009-11-07 00:07 297808 ----a-w- c:\windows\system32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2010-12-25 1794392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vptray"="c:\progra~1\SYMANT~1\\vptray.exe" [2006-07-17 125072]
"RTHDCPL"="RTHDCPL.EXE" [2008-12-09 18063872]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-03-24 53408]
"TrayServer"="c:\program files\MAGIX\Movie_Edit_Pro_15_silver\TrayServer.exe" [2008-11-13 90112]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-11-12 273528]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
RAMASST.lnk - c:\windows\system32\RAMAsst.exe [2009-2-26 167936]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"c:\\Program Files\\Real\\RealPlayer\\RecordingManager.exe"=
"c:\\Program Files\\Java\\JRE6\\BIN\\java.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigMaster.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\ConfigWizard.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\EPLAN\\Electric P8\\1.9.11\\BIN\\W3u.exe"=
"c:\\WINDOWS\\System32\\hasplms.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\Program Files\\SnugTV\\SnugTV Station\\AMAServer.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R?2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
R1 AmgHips;AmgHips;c:\windows\system32\drivers\AmgHips.sys [28.10.2011 8:31 25248]
R2 hasplms;Sentinel HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [16.1.2011 23:29 90112]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [27.8.2011 22:31 246616]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\eengine\EraserUtilRebootDrv.sys [19.2.2009 19:01 106104]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [25.2.2009 20:49 47360]
S3 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 21:03 660768]
S3 AVerAF35;AVerMedia A867 USB DVB-T;c:\windows\system32\drivers\AVerAF35.sys [9.11.2010 22:03 477312]
S3 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [9.11.2010 22:04 348160]
S3 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [9.11.2010 22:04 397312]
S3 AVerUpdateServer;AVerUpdateServer;c:\program files\AVerMedia\AVerUpdate\AVerUpdateServer.exe [6.1.2011 13:42 168448]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [3.9.2011 15:34 1527900]
S3 mdf15;mdf15;c:\program files\Clarus\Samsung SecretZone\mdf15.sys [16.1.2011 23:29 12288]
S3 mvd21;mvd21;c:\program files\Clarus\Samsung SecretZone\mvd21.sys [16.1.2011 23:29 64512]
S3 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [25.1.2011 11:41 2336072]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [28.5.2010 13:04 14896]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [17.7.2006 17:38 118928]
S3 SnugTV Service;SnugTV Service;c:\program files\SnugTV\SnugTV Station\AMAServer.exe [5.1.2011 3:31 570880]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 XHASP;XHASP;c:\windows\system32\drivers\XHASP.sys [28.5.2011 15:25 259584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-15 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2009-02-23 16:58]
.
2012-01-15 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-15 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4036164967-4113303836-1484400983-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 12:40]
.
2012-01-15 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-08-23 20:20]
.
2012-01-14 c:\windows\Tasks\Norton Security Scan for Miloš.job
- c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-17 22:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\Miloš\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} - hxxp://static.s2g.gate5.de/ovi_maps/OviMapsPlugin_4.0.12.11.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://62.168.0.189/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Miloš\Data aplikací\Mozilla\Firefox\Profiles\0fzox30t.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.linkury.com
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-15 10:52
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4036164967-4113303836-1484400983-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(6904)
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SNDSrvc.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\progra~1\SYMANT~1\vptray.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\windows\System32\DVDRAMSV.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\hasplms.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\progra~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
c:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-01-15 10:53:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-15 09:53
.
Před spuštěním: Volných bajtů: 292 671 717 376
Po spuštění: Volných bajtů: 292 745 281 536
.
- - End Of File - - C9F941A194C4CF7B08EA22F4CF064A7E
Re: Requesting a preventive check, IE8 sometimes cannot be closed
I'd say you didn't use the script correctly, because nothing was deleted.
Run it once more, perhaps even in Safe Mode.