VIRY.CZ

Ahoj,prosím o pomoc nemohu se dostat do místního disku C:...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dušan at 2012-07-26 10:29:40
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 44 GB (58%) free of 76 GB
Total RAM: 2047 MB (62% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Express Files Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-2052111302-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-2052111302-682003330-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dušan\Data aplikací\Mozilla\Firefox\Profiles\raemwdsn.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.265 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D1C757D-0F77-7DDD-6BD4-0E9E40B77319}]
Adobe PDF Link Helper - C:\WINDOWS\system32\rsshx32.dll [2004-08-17 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-10-25 8527872]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-10-25 81920]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-18 925696]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2005-07-26 716800]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-12-15 49152]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Mbot.exe"=C:\Program Files []
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"ExpressFiles"=C:\Program Files\ExpressFiles\ExpressFiles.exe [2012-06-11 476824]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 40448]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-11-12 1647448]
"Steam"=C:\Program Files\Steam\Steam.exe [2012-01-05 1242448]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"KBot control center"=C:\Program Files\KBot\KBot 6.23\KBotcc.exe [2012-04-28 198656]
"Google Update"=C:\Documents and Settings\Dušan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-07-21 116648]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Documents and Settings\Dušan\Nabídka Start\Programy\Po spuštění
ctfmon.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe"="C:\Program Files\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\KBot\KBot 6.23\KBotcc.exe"="C:\Program Files\KBot\KBot 6.23\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\ExpressFiles\ExpressFiles.exe"="C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles"
"C:\Program Files\ExpressFiles\ExpressDL.exe"="C:\Program Files\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2012-07-26 10:17:51 ----D---- C:\rsit
2012-07-26 10:17:51 ----D---- C:\Program Files\trend micro
2012-07-25 12:32:08 ----A---- C:\WINDOWS\system32\javaws.exe
2012-07-25 12:32:00 ----A---- C:\WINDOWS\system32\javaw.exe
2012-07-25 12:32:00 ----A---- C:\WINDOWS\system32\java.exe
2012-07-25 12:08:32 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-07-22 19:34:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2012-07-22 19:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2012-07-22 17:46:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-22 17:46:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-07-17 09:26:05 ----D---- C:\Program Files\valve
2012-07-11 18:33:12 ----D---- C:\Program Files\HyperCam 2
2012-07-10 21:57:37 ----D---- C:\WINDOWS\system32\Adobe
2012-07-05 13:38:48 ----D---- C:\Program Files\Counter-Strike 1.6 Non-Steam
2012-07-04 22:42:13 ----SHD---- C:\WINDOWS\ftpcache
2012-07-04 22:40:37 ----A---- C:\WINDOWS\game.ini
2012-07-02 17:13:36 ----D---- C:\Program Files\Free Fire Screensaver
2012-07-02 17:13:26 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Laconic Software
2012-07-01 13:49:51 ----A---- C:\WINDOWS\system32\drivers\lirsgt.sys
2012-07-01 13:49:51 ----A---- C:\WINDOWS\system32\drivers\atksgt.sys
2012-07-01 12:51:23 ----D---- C:\Program Files\JoWooD Entertainment AG
2012-06-29 22:19:46 ----D---- C:\Program Files\LogMeIn Hamachi
2012-06-27 19:45:50 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-06-27 19:45:38 ----D---- C:\Documents and Settings\Dušan\Data aplikací\MotionDSP

======List of files/folders modified in the last 1 month======

2012-07-26 10:30:20 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Skype
2012-07-26 10:18:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-26 10:17:51 ----RD---- C:\Program Files
2012-07-26 00:21:01 ----D---- C:\Documents and Settings\Dušan\Data aplikací\vlc
2012-07-25 12:32:16 ----SHD---- C:\WINDOWS\Installer
2012-07-25 12:32:16 ----HD---- C:\Config.Msi
2012-07-25 12:32:08 ----D---- C:\WINDOWS\system32
2012-07-25 12:31:38 ----D---- C:\WINDOWS\Temp
2012-07-25 12:31:38 ----D---- C:\Program Files\Java
2012-07-25 12:31:36 ----D---- C:\WINDOWS\Prefetch
2012-07-25 12:10:39 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-25 12:09:03 ----D---- C:\WINDOWS
2012-07-25 12:09:02 ----D---- C:\Program Files\Steam
2012-07-25 11:56:58 ----D---- C:\WINDOWS\Minidump
2012-07-25 00:27:02 ----D---- C:\WINDOWS\system32\drivers
2012-07-25 00:09:21 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-24 20:47:46 ----A---- C:\WINDOWS\win.ini
2012-07-23 23:16:23 ----D---- C:\Program Files\McAfee Security Scan
2012-07-23 23:16:19 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-23 19:19:11 ----RSHD---- C:\Recycled
2012-07-23 18:19:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-07-23 12:35:15 ----D---- C:\Program Files\Opera
2012-07-22 20:28:35 ----D---- C:\WINDOWS\system32\config
2012-07-22 20:19:40 ----RSD---- C:\WINDOWS\assembly
2012-07-22 20:16:23 ----D---- C:\WINDOWS\Microsoft.NET
2012-07-22 20:05:39 ----D---- C:\Program Files\KBot
2012-07-22 20:00:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-22 20:00:17 ----D---- C:\WINDOWS\WinSxS
2012-07-22 19:35:01 ----HD---- C:\WINDOWS\inf
2012-07-22 19:34:59 ----D---- C:\WINDOWS\system32\CatRoot
2012-07-22 19:34:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-22 19:34:44 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-22 19:33:38 ----D---- C:\Documents and Settings\Dušan\Data aplikací\uTorrent
2012-07-22 17:57:48 ----D---- C:\Documents and Settings\Dušan\Data aplikací\PriceGong
2012-07-22 17:46:22 ----D---- C:\Program Files\Mozilla Firefox
2012-07-21 23:32:39 ----SD---- C:\WINDOWS\Tasks
2012-07-20 18:23:15 ----D---- C:\Program Files\DsNET Corp
2012-07-18 23:54:40 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Mozilla
2012-07-18 21:33:20 ----D---- C:\WINDOWS\Logs
2012-07-18 17:33:54 ----A---- C:\WINDOWS\DUMP60ae.tmp
2012-07-17 23:40:44 ----D---- C:\Documents and Settings\Dušan\Data aplikací\TS3Client
2012-07-17 09:24:16 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-07-15 19:22:44 ----D---- C:\Documents and Settings\Dušan\Data aplikací\gtk-2.0
2012-07-07 16:16:59 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-07-06 18:55:39 ----D---- C:\Documents and Settings\Dušan\Data aplikací\.minecraft
2012-07-04 22:48:00 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2012-07-04 22:42:06 ----D---- C:\WINDOWS\system32\DirectX
2012-07-04 11:19:10 ----D---- C:\Documents and Settings\Dušan\Data aplikací\TeamViewer
2012-07-04 08:44:35 ----D---- C:\Program Files\uTorrent
2012-07-03 09:11:43 ----D---- C:\Program Files\ScreenShots
2012-07-01 14:00:14 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Toolbar4

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-07-01 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-07-01 18048]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-07-04 151552]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-12-19 92800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-10-25 7426112]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2006-08-14 83200]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-06-07 393088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-10 490840]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 1385896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-10-25 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-07-04 66872]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-23 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe []
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Připojuji Fax a fleshku

a nesmaže mi to žádná data z mé fleshky ? jelikož sem si tam pár věcí zálohoval.

Prosímtě mě to blbne, Když to spustím tak se načte 14% a sekne se pc zmyzne líšta teda to zmyzne hned po spuštění deletion ale když dám research tak mi vyjelo toto..

############################## | UsbFix 7.059 | [Research]

User: Dušan (Administrator) # TEKNO [ ]
Updated 16/09/2011 by El Desaparecido
Started at 15:32:18 | 26/07/2012
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: Intel(R) Pentium(R) D CPU 3.00GHz
CPU 2: Intel(R) Pentium(R) D CPU 3.00GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 6.0.2900.2180

Windows Firewall: Enabled
RAM -> 2047 Mb
C:\ (%systemdrive%) -> Fixed drive # 75 Gb (43 Mb free - 58%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM
F:\ -> Removable drive # 4 Gb (3 Mb free - 69%) [KINGSTON] # FAT32

################## | Files # Infected Folders |

Found ! C:\Documents and Settings\Dušan\Data aplikací\Dušanlog.dat
Found ! C:\Documents and Settings\Dušan\Nabídka Start\Programy\Po spuštění\ctfmon.exe
Found ! C:\WINDOWS\system32\install
Found ! C:\autorun.inf
Found ! C:\RECYCLER\S-1-5-21-1220945662-2052111302-682003330-1003
Found ! F:\autorun.inf
Found ! F:\Recycled\ctfmon.exe

################## | Registry |

Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{3db7d794-83d1-11e1-a4d2-001a92459b1c}
Shell\AutoRun\Command = F:\LGAutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{42b80f57-240a-11e1-a48d-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{5711943b-280d-11e1-a48e-001a92459b1c}
Shell\AutoRun\Command = F:\Launcher.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{7b5812e9-3a1e-11e1-a49f-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{88ac6c13-7d8d-11e1-a4c8-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{a13d3477-50d9-11e1-a4a4-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{dde8b1b0-bf8d-11e1-a53b-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e4b274f1-6499-11e1-a4b2-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e7ae1624-b1b2-11e1-a523-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e954eb95-1e83-11e1-a484-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e954eb9f-1e83-11e1-a484-001a92459b1c}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(0)\Command = F:\Recycled\ctfmon.exe


################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |

no trošku v registrech umím

Zde je log z CF

ComboFix 12-07-27.01 - Dušan 26.07.2012 16:14:34.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2047.1295 [GMT 2:00]
Spuštěný z: c:\documents and settings\DuÜan\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
c:\documents and settings\Dušan\Data aplikací\Microsoft\AANmkMeAdBIace.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\aGLrThT.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\AGrUqlkvIHSCrf.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\aNhSBhUJmQdveNagPtNVa.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\ANprHAEB.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\aQUiJdCNraXtdPAXexJohVkOIVcOaJ.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\AsPirjIUvhpDLtcRHDoiW.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\axMba.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\BDkeNxx.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\BneakJPxmeGVI.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\CtEMfPRekpPLsO.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\DShVxclvuBnIVcFkXoGlkLEpMSN.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\eldJgQsFwpLDIE.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\EqtueplUrxMBS.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\ewIgauswWbEWLJCqBbvkiIpLUWLA.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\FcMxXBkjfo.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\FLlUVcHtIfBQwwwguVDa.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\FoaLHSrARRStfMGHapbtcpBsAPVK.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\fXTohjUMqlhEhJJEKtBtFjisHHB.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\HgtScaMMJSscNwoXkbsUtFFIWPpIa.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\HGvGQOsuLLFcRniLPe.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\hLIAsTjrgiMGViBMmkLUFXNvQ.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\HnPlubOA.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\iktONvFsvWni.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\ipXonVeWopWEAmqqKtGtWagiUJsC.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\iuTDXHpqFDOkCCXeTLnDKHGV.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\ixRQodAtjwSNoXIxcSjXKvKXfpF.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\JJPoWPhRCdakfjXABDCOHjlL.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\KBtjcgWdignDefkVuoXkLsLCGlv.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\LPeiivAAjjewKXjvsAcmNXTpHQ.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\MCESneuLdibv.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\MGrUltJETBmiFpshKXhccvejuXUUED.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\mkeqgkNSQHAQWOGpB.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\NJajnpXfVGwgiSQGsgd.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\NjvckuFAilRXIVjBUDnWW.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\nuUhVncwARstV.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\OEHiiPOHVCL.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\oFRwgTbuEonXr.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\ojGXgpscml.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\PNjDFri.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\povkUXEwrRJTPCvtMBSnenGcDjOk.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\QaLLfCRJaXLQVRrEuw.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\QBoKhBhqXgempHavNAaiQfNO.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\qteCXmMBlqaaOB.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\RGvQfoddAoBuLhbwspSsNakm.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\rqOeBvaaELbheUPNTT.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\RWCOKLu.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\SEpDbh.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\SiuBVFDWQjs.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\smcRtvROoTF.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\TEcSbebIgtbCXXOlfIXTDnq.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\TiWSUTBrXBsVXeoNohhLfi.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\toXrgCxfCgNLiKK.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\uAiedDLjTBSDAHNLIj.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\ucgtLiMI.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\UeVOkQjgcTnnqUaX.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\UkeBteIatNNlHlSRxnKTaop.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\uPGjpAeXIXHfCaTQsJqug.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\vCpSIapsvKTcDwvan.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\VPgaVLpqXpkDIKo.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\VtKsBJBpGKABWvMHOAEiObrfoNhQWX.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\wlcbNErJvTevdpIrMHmNxDu.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\WxcqnaBRvbBBdI.exe
c:\documents and settings\Dušan\Data aplikací\Microsoft\XVLrIwo.exe
c:\recycled\Recycled
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000011_.tmp.dll
c:\windows\system32\_000020_.tmp.dll
c:\windows\system32\_000021_.tmp.dll
c:\windows\system32\_000022_.tmp.dll
c:\windows\system32\_000023_.tmp.dll
c:\windows\system32\install
c:\windows\system32\SET117.tmp
c:\windows\system32\SET11F.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET121.tmp
c:\windows\system32\SET122.tmp
c:\windows\system32\SET123.tmp
c:\windows\system32\SET124.tmp
c:\windows\system32\SET125.tmp
c:\windows\system32\SET126.tmp
c:\windows\system32\SET127.tmp
c:\windows\system32\SET128.tmp
c:\windows\system32\SET129.tmp
c:\windows\system32\SET12A.tmp
c:\windows\system32\SET12B.tmp
c:\windows\system32\SET12C.tmp
c:\windows\system32\SET12D.tmp
c:\windows\system32\SET17D.tmp
c:\windows\system32\SET1A1.tmp
c:\windows\system32\SET1AC.tmp
c:\windows\system32\SET1B9.tmp
c:\windows\system32\SET1BF.tmp
c:\windows\system32\SET1CD.tmp
c:\windows\system32\SET1CE.tmp
c:\windows\system32\SET1D8.tmp
c:\windows\system32\SET21.tmp
c:\windows\system32\SET264.tmp
c:\windows\system32\SET28.tmp
c:\windows\system32\SET280.tmp
c:\windows\system32\SET281.tmp
c:\windows\system32\SET282.tmp
c:\windows\system32\SET283.tmp
c:\windows\system32\SET284.tmp
c:\windows\system32\SET29.tmp
c:\windows\system32\SET2C9.tmp
c:\windows\system32\SET30.tmp
c:\windows\system32\SET311.tmp
c:\windows\system32\SET312.tmp
c:\windows\system32\SET314.tmp
c:\windows\system32\SET315.tmp
c:\windows\system32\SET316.tmp
c:\windows\system32\SET319.tmp
c:\windows\system32\SET31A.tmp
c:\windows\system32\SET31D.tmp
c:\windows\system32\SET31E.tmp
c:\windows\system32\SET31F.tmp
c:\windows\system32\SET322.tmp
c:\windows\system32\SET324.tmp
c:\windows\system32\SET36.tmp
c:\windows\system32\SET39.tmp
c:\windows\system32\SET42.tmp
c:\windows\system32\SET4F.tmp
c:\windows\system32\SET6A.tmp
c:\windows\system32\SET96.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SETDD.tmp
c:\windows\system32\SETDF.tmp
c:\windows\system32\SETE1.tmp
c:\windows\system32\SETFF.tmp
c:\windows\system32\windows
c:\windows\system32\windows.\avast.exe
c:\windows\system32\windows\avast.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-26 do 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 13:03 . 2012-07-26 13:36 -------- d-----w- C:\UsbFix
2012-07-26 10:51 . 2012-07-26 10:51 512 ----a-w- C:\PhysicalMBR.bin
2012-07-26 08:17 . 2012-07-26 08:30 -------- d-----w- C:\rsit
2012-07-26 08:17 . 2012-07-26 08:29 -------- d-----w- c:\program files\trend micro
2012-07-22 18:32 . 2012-07-22 18:32 -------- d-----w- c:\documents and settings\Dušan\Local Settings\Data aplikací\PCHealth
2012-07-22 17:34 . 2006-10-04 13:39 36352 -c----w- c:\windows\system32\dllcache\umandlg.dll
2012-07-22 17:34 . 2006-10-04 13:34 72704 -c----w- c:\windows\system32\dllcache\magnify.exe
2012-07-22 17:34 . 2006-10-04 13:34 216064 -c----w- c:\windows\system32\dllcache\osk.exe
2012-07-22 17:34 . 2006-10-04 13:34 50176 -c----w- c:\windows\system32\dllcache\utilman.exe
2012-07-22 17:34 . 2006-10-04 13:34 54784 -c----w- c:\windows\system32\dllcache\narrator.exe
2012-07-22 15:46 . 2012-07-22 15:46 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-07-22 15:46 . 2012-07-14 00:15 136672 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2012-07-22 15:46 . 2012-07-14 00:13 157608 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice_installer.exe
2012-07-22 15:46 . 2012-07-14 00:13 113120 ----a-w- c:\program files\Mozilla Firefox\maintenanceservice.exe
2012-07-22 15:46 . 2012-07-14 00:12 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-07-22 15:46 . 2012-07-14 00:12 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-07-20 16:23 . 2012-07-22 15:57 -------- d-----w- c:\documents and settings\Dušan\Local Settings\Data aplikací\AskToolbar
2012-07-17 07:26 . 2012-07-20 10:59 -------- d-----w- c:\program files\valve
2012-07-11 16:33 . 2012-07-11 16:33 -------- d-----w- c:\program files\HyperCam 2
2012-07-10 19:57 . 2012-07-10 19:57 -------- d-----w- c:\windows\system32\Adobe
2012-07-05 11:38 . 2012-07-22 18:06 -------- d-----w- c:\program files\Counter-Strike 1.6 Non-Steam
2012-07-04 20:42 . 2012-07-04 20:42 -------- d-sh--w- c:\windows\ftpcache
2012-07-02 15:13 . 2012-07-02 15:13 -------- d-----w- c:\program files\Free Fire Screensaver
2012-07-02 15:13 . 2012-07-02 15:13 -------- d-----w- c:\documents and settings\Dušan\Data aplikací\Laconic Software
2012-07-01 11:49 . 2012-07-01 11:49 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys
2012-07-01 11:49 . 2012-07-01 11:49 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2012-07-01 10:51 . 2012-07-01 11:42 -------- d-----w- c:\program files\JoWooD Entertainment AG
2012-06-29 20:19 . 2012-06-29 20:19 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-06-27 17:45 . 2012-07-01 11:59 -------- d-----w- c:\documents and settings\Dušan\Local Settings\Data aplikací\MotionDSP
2012-06-27 17:45 . 2012-06-27 17:51 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2012-06-27 17:45 . 2012-07-01 11:59 -------- d-----w- c:\documents and settings\Dušan\Data aplikací\MotionDSP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-23 21:16 . 2012-04-09 11:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-23 21:16 . 2012-04-09 11:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-18 15:33 . 2002-01-01 00:38 90112 ----a-w- c:\windows\DUMP60ae.tmp
2012-07-07 14:17 . 2012-01-17 15:57 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-07 14:16 . 2012-01-17 15:57 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-04 20:48 . 2012-01-17 15:57 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-07-04 20:41 . 2012-06-18 11:47 22328 ----a-w- c:\documents and settings\Dušan\Data aplikací\PnkBstrK.sys
2012-07-03 11:46 . 2012-05-05 20:04 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-18 11:46 . 2012-06-18 11:46 682280 ----a-w- c:\windows\system32\pbsvc.exe
2012-05-04 17:29 . 2012-05-19 18:40 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-05-04 17:29 . 2012-05-19 18:40 772504 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-04 17:29 . 2011-12-16 17:21 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-25 13:18 . 2012-03-25 13:17 22259528 ----a-w- c:\program files\vlc-2.0.1-win32.exe
2012-07-14 00:15 . 2012-07-22 15:46 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2004-08-17 14:49 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2004-08-17 14:49 . 0811E66E2C2D8CC151DCB10F3BF39106 . 1508864 . . [2001.12.4414.258] . . c:\windows\ServicePackFiles\i386\comres.dll
[-] 2004-08-17 14:49 . 0811E66E2C2D8CC151DCB10F3BF39106 . 1508864 . . [2001.12.4414.258] . . c:\windows\system32\comres.dll
[-] 2001-10-25 12:00 . 7ED4531538DC4E894A402C2FEE7B6E1F . 806912 . . [2001.12.4414.42] . . c:\windows\$NtServicePackUninstall$\comres.dll
.
[7] 2004-08-17 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2004-08-17 . D1C758D6B44D3E7CD32822B6D59611C9 . 636928 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2004-08-17 . D1C758D6B44D3E7CD32822B6D59611C9 . 636928 . . [5.82] . . c:\windows\system32\comctl32.dll
[7] 2004-08-17 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2001-10-25 . 7AA773FE953F2992B33DD7B54FE7E381 . 557568 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2001-10-25 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[-] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3GDR\mshtml.dll
[-] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3QFE\mshtml.dll
[7] 2010-04-16 . 3F79012C321EA541C458EFE797AFB822 . 3094528 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\mshtml.dll
[7] 2010-04-16 . A8FD7D41C70CE7AFFAAF00D586DEB2FE . 3094016 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\mshtml.dll
[7] 2010-04-16 . 084EF8D69026FFB75F93F00E67A66A8D . 3086336 . . [6.00.2900.3698] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2010-04-16 . 318204B433A0BD37FA6B5A56877B8FB7 . 3094016 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\mshtml.dll
[-] 2004-08-17 . F524EA4402896285F7E3212CD1440A83 . 3331584 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB982381$\mshtml.dll
[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2004-08-17 . F524EA4402896285F7E3212CD1440A83 . 3331584 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2004-08-17 . F524EA4402896285F7E3212CD1440A83 . 3331584 . . [6.00.2900.2180] . . c:\windows\system32\mshtml.dll
[-] 2001-10-25 . DCCB112F6AAD118138F810B088B4A626 . 2793984 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\mshtml.dll
.
[7] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2004-08-17 . CA2BE87B92496E69BC62EFD69F6084B1 . 577024 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2004-08-17 . CA2BE87B92496E69BC62EFD69F6084B1 . 577024 . . [5.1.2600.2180] . . c:\windows\system32\user32.dll
[-] 2001-10-25 . 7FB83E041A40B4D68BF27ABB4695988B . 561152 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3GDR\wininet.dll
[-] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\SoftwareDistribution\Download\4da92e2c99b7232d7106179052438045\SP3QFE\wininet.dll
[7] 2010-04-16 . 9D7E8909D5A4A2EADD1154CA9E098AB2 . 668160 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3GDR\wininet.dll
[7] 2010-04-16 . 5429E4C33C10DA9A6BED641681B3D2BD . 669696 . . [6.00.2900.5969] . . c:\windows\$hf_mig$\KB982381\SP3QFE\wininet.dll
[7] 2010-04-16 . 8B1D8121326F8E35FE4190377277393C . 663040 . . [6.00.2900.3698] . . c:\windows\system32\dllcache\wininet.dll
[7] 2010-04-16 . 18EC32B0148FD4D0DECBEF71EF6DB626 . 669696 . . [6.00.2900.3698] . . c:\windows\$hf_mig$\KB982381\SP2QFE\wininet.dll
[-] 2004-08-17 . 71763CC465FCE35BA4DDDF2C23EA2CD5 . 767488 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB982381$\wininet.dll
[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2004-08-17 . 71763CC465FCE35BA4DDDF2C23EA2CD5 . 767488 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2004-08-17 . 71763CC465FCE35BA4DDDF2C23EA2CD5 . 767488 . . [6.00.2900.2180] . . c:\windows\system32\wininet.dll
[-] 2001-10-25 . D9B2B3EDA5B393BB5383EBB1BF800AEC . 594944 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\wininet.dll
.
[-] 2004-08-17 . A5E2D7766A26A60F92C58163093E96F6 . 1539584 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[7] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2004-08-17 . A5E2D7766A26A60F92C58163093E96F6 . 1539584 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2001-10-25 . 0348A56A9E9A658AE3AD15B42026498E . 1001472 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2004-08-17 . BBE39CEB7F468449FEA84ECC11666B9A . 277504 . . [5.1.2600.2180] . . c:\windows\regedit.exe
[7] 2004-08-17 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2004-08-17 . BBE39CEB7F468449FEA84ECC11666B9A . 277504 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\regedit.exe
[-] 2001-10-25 . 153FCEFCF334D87AF99874E9E72F8A93 . 135680 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2004-08-17 . 82B0ED1EE0F3552290749FB80C074835 . 40448 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-17 . 82B0ED1EE0F3552290749FB80C074835 . 40448 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2001-10-25 . 84D2218F0F0DCADA9B580CF83122B4AD . 13312 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[7] 2004-08-17 . 63E527C26AC3059EAD766C6C11746D07 . 93184 . . [6.00.2900.2180] . . c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
[-] 2004-08-17 . F4DB1A37131E852B2069615B9534BAC3 . 102912 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\iexplore.exe
[-] 2001-10-25 . 4899F204D4FBE2D8058E6529475416C5 . 91136 . . [6.00.2600.0000] . . c:\windows\$NtServicePackUninstall$\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5D1C757D-0F77-7DDD-6BD4-0E9E40B77319}]
2004-08-17 14:49 98304 ----a-w- c:\windows\system32\rsshx32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-11-12 1647448]
"Steam"="c:\program files\Steam\Steam.exe" [2012-01-05 1242448]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-29 17148552]
"KBot control center"="c:\program files\KBot\KBot 6.23\KBotcc.exe" [2012-04-28 198656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mbot.exe"="C:\Program Files" [X]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-10-25 8527872]
"nwiz"="nwiz.exe" [2007-10-25 1626112]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-10-25 81920]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 49152]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"ExpressFiles"="c:\program files\ExpressFiles\ExpressFiles.exe" [2012-06-11 476824]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-06-27 1996200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 40448]
.
c:\documents and settings\Dušan\Nabídka Start\Programy\Po spuštění\
ctfmon.exe [2006-6-27 20480]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\mafia ii\\pc\\Mafia2.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"c:\\Program Files\\KBot\\KBot 6.23\\KBotcc.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\ExpressFiles\\ExpressFiles.exe"=
"c:\\Program Files\\ExpressFiles\\ExpressDL.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57969:TCP"= 57969:TCP:Pando Media Booster
"57969:UDP"= 57969:UDP:Pando Media Booster
.
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [9.12.2011 13:01 490840]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [27.6.2012 12:29 1385896]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [5.5.2012 22:04 655944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5.5.2012 22:04 22344]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 9:50 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [9.4.2012 13:43 250056]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [17.6.2011 19:33 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [22.7.2012 17:46 113120]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [26.3.2012 14:15 27064]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 21:16]
.
2012-07-26 c:\windows\Tasks\Express Files Updater.job
- c:\program files\ExpressFiles\EFupdater.exe [2012-06-11 14:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=14672
mStart Page = hxxp://www.bigseekpro.com/hypercam/{EBCE9DA1-2 ... 711A5A54BA}
uInternet Connection Wizard,ShellNext = hxxp://www.dlink.eu/
uInternet Settings,ProxyServer = 127.0.0.1:3128
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Dušan\Data aplikací\Mozilla\Firefox\Profiles\raemwdsn.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ATU2&o=14670&locale=en_EU&apn_uid=848e819d-7b7a-4208-8862-53466a88ed45&apn_ptnrs=T8&apn_sauid=2FAEED19-A999-40E9-BAE2-60A9BD4A6450&apn_dtid=YYYYYYYYCZ&&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
HKLM-RunOnce-<NO NAME> - (no file)
AddRemove-{1B2AC353-FEA2-47FA-A058-5C64E443FB80}}_is1 - c:\program files\Profibot\OpenStealth 1.28\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-26 16:19
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1220945662-2052111302-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1220945662-2052111302-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:8b,1d,02,94,e9,f7,70,37,75,42,1b,de,59,70,1b,12,c2,e5,3d,47,97,
13,28,a6,b2,d2,cc,fd,f3,7d,77,5f,85,9b,c2,d3,3a,66,8c,83,bc,dd,3a,fa,41,b5,\
"rkeysecu"=hex:92,af,cc,47,d0,f5,3b,7c,f2,95,8b,39,f2,2e,31,32
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(848)
c:\windows\system32\setupapi.dll
.
Celkový čas: 2012-07-26 16:21:08
ComboFix-quarantined-files.txt 2012-07-26 14:21
.
Před spuštěním: Volných bajtů: 46 603 972 608
Po spuštění: Volných bajtů: 46 610 001 920
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 62C43E0DDA5788AB99E1A3331AF336CE

Naughty ono to nejde pokud by ti to nevadilo já tu odedneška do zítřva večera nebudu.. mužeme se na to podívat v sobotu prosím i klidně zítra když tu budu. děkuji předem

no Naughty,já už tedka sem na notebooku a na to C jsem zapoměl já si již zvykl že se tam nemohu dostat.. tak mě nenapadlo to skusit do ted. Až mi kámoš poradil že mi zde pomužete tak v sobotu .. jinak ti děkuji že mi pomáháš s opravou

Tak jsem se vrátil dříve a C funguje
eště bych chtěl poprosit jestli by jsi mi Naughty nepomohl v sobotu vyčistit PC mám tam toho hodně a nevím si s tím rady.

zde je log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dušan at 2012-07-28 11:01:48
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 55 GB (72%) free of 76 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:01:55, on 28.7.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ExpressFiles\EFupdater.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\ExpressFiles\ExpressFiles.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\KBot\KBot 6.23\KBotcc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Documents and Settings\Dušan\Nabídka Start\Programy\Po spuštění\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dark AutoLoginer\6.1\DarkAutoLoginer6.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dušan\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Dušan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{EBC ... 711A5A54BA}
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dlink.eu/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Link Helper - {5D1C757D-0F77-7DDD-6BD4-0E9E40B77319} - C:\WINDOWS\system32\rsshx32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mbot.exe] C:\Program Files
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [ExpressFiles] "C:\Program Files\ExpressFiles\ExpressFiles.exe" -tray
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [KBot control center] C:\Program Files\KBot\KBot 6.23\KBotcc.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7627 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Express Files Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dušan\Data aplikací\Mozilla\Firefox\Profiles\raemwdsn.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.com"
prefs.js - "keyword.URL" - "http://websearch.ask.com/redirect?clien ... YYYYCZ&&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.268 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D1C757D-0F77-7DDD-6BD4-0E9E40B77319}]
Adobe PDF Link Helper - C:\WINDOWS\system32\rsshx32.dll [2004-08-17 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-10-25 8527872]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-10-25 81920]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2005-05-18 925696]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-12-15 49152]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Mbot.exe"=C:\Program Files []
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]
"ExpressFiles"=C:\Program Files\ExpressFiles\ExpressFiles.exe [2012-06-11 476824]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2011-11-12 1647448]
"Steam"=C:\Program Files\Steam\Steam.exe [2012-01-05 1242448]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]
"KBot control center"=C:\Program Files\KBot\KBot 6.23\KBotcc.exe [2012-04-28 198656]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.207\SSScheduler.exe

C:\Documents and Settings\Dušan\Nabídka Start\Programy\Po spuštění
ctfmon.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe"="C:\Program Files\Steam\SteamApps\common\mafia ii\pc\Mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\KBot\KBot 6.23\KBotcc.exe"="C:\Program Files\KBot\KBot 6.23\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\ExpressFiles\ExpressFiles.exe"="C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:ExpressFiles"
"C:\Program Files\ExpressFiles\ExpressDL.exe"="C:\Program Files\ExpressFiles\ExpressDL.exe:*:Enabled:ExpressFilesDL"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe"="C:\Program Files\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\valve\hl.exe"="C:\Program Files\valve\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\System32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2012-07-27 21:20:36 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-07-27 10:07:43 ----SHD---- C:\RECYCLER
2012-07-26 17:14:15 ----RSHD---- C:\Recycled
2012-07-26 16:21:08 ----A---- C:\ComboFix.txt
2012-07-26 16:12:55 ----A---- C:\Boot.bak
2012-07-26 16:12:48 ----RASHD---- C:\cmdcons
2012-07-26 16:10:47 ----A---- C:\WINDOWS\zip.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\SWSC.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\SWREG.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\sed.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\PEV.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\NIRCMD.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\MBR.exe
2012-07-26 16:10:47 ----A---- C:\WINDOWS\grep.exe
2012-07-26 16:10:36 ----D---- C:\Qoobox
2012-07-26 16:10:24 ----D---- C:\WINDOWS\erdnt
2012-07-26 15:03:26 ----A---- C:\UsbFix.txt
2012-07-26 15:03:25 ----D---- C:\UsbFix
2012-07-26 10:17:51 ----D---- C:\rsit
2012-07-26 10:17:51 ----D---- C:\Program Files\trend micro
2012-07-25 12:32:08 ----A---- C:\WINDOWS\system32\javaws.exe
2012-07-25 12:32:00 ----A---- C:\WINDOWS\system32\javaw.exe
2012-07-25 12:32:00 ----A---- C:\WINDOWS\system32\java.exe
2012-07-22 19:34:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2012-07-22 19:34:30 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2012-07-22 17:46:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-07-22 17:46:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-07-17 09:26:05 ----D---- C:\Program Files\valve
2012-07-11 18:33:12 ----D---- C:\Program Files\HyperCam 2
2012-07-10 21:57:37 ----D---- C:\WINDOWS\system32\Adobe
2012-07-05 13:38:48 ----D---- C:\Program Files\Counter-Strike 1.6 Non-Steam
2012-07-04 22:42:13 ----SHD---- C:\WINDOWS\ftpcache
2012-07-04 22:40:37 ----A---- C:\WINDOWS\game.ini
2012-07-02 17:13:36 ----D---- C:\Program Files\Free Fire Screensaver
2012-07-02 17:13:26 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Laconic Software
2012-07-01 13:49:51 ----A---- C:\WINDOWS\system32\drivers\lirsgt.sys
2012-07-01 13:49:51 ----A---- C:\WINDOWS\system32\drivers\atksgt.sys
2012-07-01 12:51:23 ----D---- C:\Program Files\JoWooD Entertainment AG
2012-06-29 22:19:46 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2012-07-28 11:01:02 ----D---- C:\WINDOWS\Prefetch
2012-07-28 10:59:52 ----D---- C:\Documents and Settings\Dušan\Data aplikací\vlc
2012-07-28 10:32:05 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Skype
2012-07-27 21:53:01 ----D---- C:\WINDOWS
2012-07-27 21:21:44 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-27 21:20:53 ----D---- C:\Program Files\Steam
2012-07-27 21:20:36 ----D---- C:\WINDOWS\system32
2012-07-27 20:07:47 ----D---- C:\WINDOWS\Temp
2012-07-27 20:07:46 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-27 10:07:43 ----D---- C:\WINDOWS\Minidump
2012-07-26 17:15:11 ----D---- C:\WINDOWS\system32\drivers
2012-07-26 17:13:11 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-07-26 16:28:23 ----A---- C:\WINDOWS\win.ini
2012-07-26 16:20:32 ----SD---- C:\WINDOWS\Tasks
2012-07-26 16:19:11 ----A---- C:\WINDOWS\system.ini
2012-07-26 16:19:03 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-26 16:18:30 ----SD---- C:\Documents and Settings\Dušan\Data aplikací\Microsoft
2012-07-26 16:16:44 ----D---- C:\WINDOWS\AppPatch
2012-07-26 16:16:40 ----D---- C:\Program Files\Common Files
2012-07-26 16:12:55 ----RASH---- C:\boot.ini
2012-07-26 13:46:11 ----RD---- C:\Program Files
2012-07-25 12:32:16 ----SHD---- C:\WINDOWS\Installer
2012-07-25 12:32:16 ----D---- C:\Config.Msi
2012-07-25 12:31:38 ----D---- C:\Program Files\Java
2012-07-25 00:09:21 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-23 23:16:23 ----D---- C:\Program Files\McAfee Security Scan
2012-07-23 19:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2012-07-23 18:19:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-07-23 12:35:15 ----D---- C:\Program Files\Opera
2012-07-22 20:28:35 ----D---- C:\WINDOWS\system32\config
2012-07-22 20:19:40 ----RSD---- C:\WINDOWS\assembly
2012-07-22 20:16:23 ----D---- C:\WINDOWS\Microsoft.NET
2012-07-22 20:05:39 ----D---- C:\Program Files\KBot
2012-07-22 20:00:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-22 20:00:17 ----D---- C:\WINDOWS\WinSxS
2012-07-22 19:35:01 ----HD---- C:\WINDOWS\inf
2012-07-22 19:34:59 ----D---- C:\WINDOWS\system32\CatRoot
2012-07-22 19:34:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-22 19:34:44 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-22 19:33:38 ----D---- C:\Documents and Settings\Dušan\Data aplikací\uTorrent
2012-07-22 17:57:48 ----D---- C:\Documents and Settings\Dušan\Data aplikací\PriceGong
2012-07-22 17:46:22 ----D---- C:\Program Files\Mozilla Firefox
2012-07-20 18:23:15 ----D---- C:\Program Files\DsNET Corp
2012-07-18 23:54:40 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Mozilla
2012-07-18 21:33:20 ----D---- C:\WINDOWS\Logs
2012-07-18 17:33:54 ----A---- C:\WINDOWS\DUMP60ae.tmp
2012-07-17 23:40:44 ----D---- C:\Documents and Settings\Dušan\Data aplikací\TS3Client
2012-07-17 09:24:16 ----D---- C:\Program Files\TeamSpeak 3 Client
2012-07-15 19:22:44 ----D---- C:\Documents and Settings\Dušan\Data aplikací\gtk-2.0
2012-07-07 16:16:59 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-07-06 18:55:39 ----D---- C:\Documents and Settings\Dušan\Data aplikací\.minecraft
2012-07-04 22:48:00 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2012-07-04 22:42:06 ----D---- C:\WINDOWS\system32\DirectX
2012-07-04 11:19:10 ----D---- C:\Documents and Settings\Dušan\Data aplikací\TeamViewer
2012-07-04 08:44:35 ----D---- C:\Program Files\uTorrent
2012-07-03 09:11:43 ----D---- C:\Program Files\ScreenShots
2012-07-01 14:00:14 ----D---- C:\Documents and Settings\Dušan\Data aplikací\Toolbar4
2012-07-01 13:59:32 ----D---- C:\Documents and Settings\Dušan\Data aplikací\MotionDSP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-07-01 271360]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-07-01 18048]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-07-04 151552]
R3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2005-12-19 92800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-10-25 7426112]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2006-08-14 83200]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2005-06-07 393088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 catchme;catchme; \??\C:\DOCUME~1\DUAN~1\LOCALS~1\Temp\catchme.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2011-11-10 490840]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 1385896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-10-25 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-07-04 66872]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe []
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Druhý log je zde:
C:\rsit\info.txt

zde je i info


info.txt logfile of random's system information tool 1.09 2012-07-26 10:30:41

======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
7-Zip 9.21beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_265_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_265_Plugin.exe -maintain plugin
Adobe Reader X (10.1.0) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Advanced SystemCare 5-->"C:\Program Files\IObit\Advanced SystemCare 5\unins000.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizace zabezpečení systému Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981350)-->"C:\WINDOWS\$NtUninstallKB981350$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
Ashampoo Burning Studio 6 FREE v.6.80-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 6 FREE\unins000.exe"
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 2.0\uninstall.exe
AutoClick-->"C:\Program Files\AutoClick3\unins000.exe"
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike 1.6 Non-Steam 1.0-->C:\Program Files\Counter-Strike 1.6 Non-Steam\Uninstall.exe
Free Fire Screensaver-->C:\Program Files\Free Fire Screensaver\uninstall.exe
Game Booster 3-->"C:\Program Files\IObit\Game Booster 3\unins000.exe"
GhostMouse-->"C:\Program Files\GhostMouse\unins000.exe"
GIMP 2.6.12-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
High Definition Audio Driver Package - KB888111-->C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format SDK (KB902344)-->"C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
HP Extended Capabilities 6.1-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 6.1-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}
HP PSC & OfficeJet 6.1.A-->"C:\Program Files\HP\Digital Imaging\{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}\setup\hpzscr01.exe" -datfile hposcr08.dat
HP Software Update-->MsiExec.exe /X{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}
HP Solution Center and Imaging Support Tools 6.1-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Java(TM) 6 Update 32-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216032FF}
Java(TM) 7 Update 4-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217004F0}
Java(TM) 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217005FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
LG USB Modem Drivers-->MsiExec.exe /X{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}
LogMeIn Hamachi-->C:\WINDOWS\system32\\msiexec.exe /i {7FB413C8-3CAD-49F7-A67C-6EFEB4B04050} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}
Malwarebytes Anti-Malware verze 1.62.0.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended CSY Language Pack-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\ExtendedLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ExtendedLP
Microsoft .NET Framework 4 Extended CSY Language Pack-->MsiExec.exe /X{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Mozilla Firefox 11.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3 Knife 3.2-->"C:\Program Files\Mp3 Knife\unins000.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Óäŕëĺíčĺ Dark AutoLoginer 6.1-->C:\Program Files\Dark AutoLoginer\6.1\Uninstall.exe
OpenStealth 1.28-->"C:\Program Files\Profibot\OpenStealth 1.28\unins000.exe"
Opera 12.00-->"C:\Program Files\Opera\Opera.exe" /uninstall
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe" -l0x5 -removeonly
Revo Uninstaller Pro 2.5.7-->"C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe"
Seven Remix XP 2.0-->C:\WINDOWS\NiwradSoft Shell Pack\uninst.exe
Skype™ 5.8-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
TeamViewer 7-->C:\Program Files\TeamViewer\Version7\uninstall.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======System event log======

Computer Name: TEKNO
Event Code: 7036
Message: Stav služby Kompatibilita pro rychlé přepínání uživatelů byl změněn na: Spuštěno

Record Number: 5953
Source Name: Service Control Manager
Time Written: 20120701123312.000000+120
Event Type: Informace
User:

Computer Name: TEKNO
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba inteligentního přenosu na pozadí (BITS) úspěšně odeslán.

Record Number: 5952
Source Name: Service Control Manager
Time Written: 20120701123312.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: TEKNO
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Kompatibilita pro rychlé přepínání uživatelů úspěšně odeslán.

Record Number: 5951
Source Name: Service Control Manager
Time Written: 20120701123312.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: TEKNO
Event Code: 7036
Message: Stav služby Terminálová služba byl změněn na: Spuštěno

Record Number: 5950
Source Name: Service Control Manager
Time Written: 20120701123312.000000+120
Event Type: Informace
User:

Computer Name: TEKNO
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 5949
Source Name: EventLog
Time Written: 20120701123231.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: TEKNO
Event Code: 100
Message: Service started.

Record Number: 5
Source Name: SkypeUpdate
Time Written: 20120603061712.000000+120
Event Type: Informace
User:

Computer Name: TEKNO
Event Code: 101
Message: Service stopped.

Record Number: 4
Source Name: SkypeUpdate
Time Written: 20120603060532.000000+120
Event Type: Informace
User:

Computer Name: TEKNO
Event Code: 103
Message: SkypeUpdate service is shutting down due to idle timeout.

Record Number: 3
Source Name: SkypeUpdate
Time Written: 20120603060531.000000+120
Event Type: Informace
User:

Computer Name: TEKNO
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 2
Source Name: SecurityCenter
Time Written: 20120603060315.000000+120
Event Type: Informace
User:

Computer Name: TEKNO
Event Code: 100
Message: Service started.

Record Number: 1
Source Name: SkypeUpdate
Time Written: 20120603060315.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=c:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 5, GenuineIntel
"PROCESSOR_REVISION"=0605
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

omlouvám se omylem tu byly 2x info