
Infected notebook, freezes, boots slowly

Posted: 24 Jan 2010 03:24
by zirael
Hello,
I have a problem with my notebook: everything loads slowly and it freezes. I'm attaching the RSIT log. Thanks in advance for any help.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2010-01-24 02:53:27
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 46 GB (67%) free of 69 GB
Total RAM: 1919 MB (62% free)

HijackThis download failed

======Scheduled tasks folder======

D:\WINDOWS\tasks\Defraggler Volume C Task.job
D:\WINDOWS\tasks\Defraggler Volume D Task.job
D:\WINDOWS\tasks\Defraggler Volume G Task.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=D:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"SMSERIAL"=D:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"SynTPEnh"=D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=D:\Program Files\Atheros\ACU.exe [2006-07-04 336001]
"ASUS Live Update"=D:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"StatusClient"=D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"WD Drive Manager"=D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-05-27 450560]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-18 1800464]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"FLMOFFICE4DMOUSE"=D:\Program Files\Labtec\Mouse\2.1\moffice.exe [2009-12-10 958464]
"NWEReboot"= []
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-25 1043968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"=C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe [2007-09-21 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 []

D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Nastavení myši Labtec.lnk - D:\Program Files\Software laserové myši Labtec\MulMouse.exe
WDDMStatus.lnk - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2007-01-16 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\WINDOWS\system32\mmc.exe"="D:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe"="D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.scr - open - D:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-01-24 02:53:28 ----D---- D:\Program Files\trend micro
2010-01-24 02:53:27 ----D---- D:\rsit
2010-01-24 02:18:18 ----A---- D:\WINDOWS\ntbtlog.txt
2010-01-24 01:58:54 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-01-24 00:22:34 ----D---- D:\WINDOWS\setup.pss
2010-01-23 10:54:51 ----SHD---- D:\RECYCLER
2010-01-23 05:06:07 ----A---- D:\ComboFix.txt
2010-01-22 23:51:49 ----D---- D:\Program Files\Common Files\ParallelGraphics
2010-01-22 23:46:55 ----D---- D:\Program Files\PlotSoft
2010-01-22 23:46:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\PlotSoft
2010-01-22 23:44:45 ----D---- D:\Program Files\HTTP Debugger Pro
2010-01-22 17:20:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\Greenshot
2010-01-22 00:24:31 ----D---- D:\WINDOWS\pss
2010-01-21 09:18:44 ----D---- D:\Program Files\GRISOFT
2010-01-21 08:58:58 ----A---- D:\WINDOWS\system32\tmp.txt
2010-01-21 08:58:30 ----A---- D:\rapport.txt
2010-01-20 23:22:29 ----D---- D:\Program Files\Microsoft WSE
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsqlgc.dll
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsgnet.dll
2010-01-20 22:53:53 ----D---- D:\Program Files\Microsoft SQL Server
2010-01-20 22:24:59 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-01-20 22:24:50 ----HDC---- D:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-20 22:24:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-01-20 22:24:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-01-20 22:24:02 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-01-20 22:23:16 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-01-20 22:08:46 ----D---- D:\Program Files\MSXML 4.0
2010-01-20 22:08:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-01-20 22:07:56 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2010-01-20 22:06:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-01-20 22:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-01-20 21:41:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Ahead
2010-01-20 21:38:18 ----D---- D:\Program Files\Nero
2010-01-20 21:25:00 ----A---- D:\WINDOWS\UPGRADE.TXT
2010-01-20 03:21:36 ----A---- D:\WINDOWS\NIRCMD.exe
2010-01-20 03:21:36 ----A---- D:\WINDOWS\MBR.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\zip.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWXCACLS.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWSC.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWREG.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\sed.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\PEV.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\grep.exe
2010-01-13 22:46:23 ----A---- D:\WINDOWS\ROZPOCTY.INI
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xfontman.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xaradocg.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\BMPImporter.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templop.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templman.dll
2010-01-04 13:25:20 ----D---- D:\Program Files\Common Files\Ahead
2010-01-04 13:22:24 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2010-01-04 00:04:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-01-03 15:38:35 ----D---- D:\Program Files\Musicnotes
2010-01-03 02:26:50 ----D---- D:\Program Files\Advanced PDF to IMAGE converter
2010-01-02 22:28:43 ----D---- D:\Documents and Settings\Petr\Data aplikací\Foxit Software
2009-12-28 22:27:01 ----D---- D:\Program Files\Software602

======List of files/folders modified in the last 1 months======

2010-01-24 02:53:28 ----RD---- D:\Program Files
2010-01-24 02:53:14 ----D---- D:\WINDOWS\Prefetch
2010-01-24 02:50:21 ----D---- D:\WINDOWS\Temp
2010-01-24 02:43:33 ----D---- D:\WINDOWS\system32\CatRoot2
2010-01-24 02:43:32 ----D---- D:\WINDOWS
2010-01-24 00:54:30 ----D---- D:\WINDOWS\system32\LogFiles
2010-01-23 22:23:56 ----HD---- D:\WINDOWS\inf
2010-01-23 22:23:51 ----D---- D:\Documents and Settings
2010-01-23 17:37:32 ----D---- D:\WINDOWS\system32\drivers
2010-01-23 10:54:35 ----D---- D:\WINDOWS\system32
2010-01-23 05:06:12 ----AD---- D:\Qoobox
2010-01-23 05:00:18 ----A---- D:\WINDOWS\system.ini
2010-01-23 04:54:04 ----D---- D:\WINDOWS\AppPatch
2010-01-23 04:53:59 ----AD---- D:\Program Files\Common Files
2010-01-23 02:44:27 ----D---- D:\WINDOWS\system32\config
2010-01-23 02:44:00 ----D---- D:\WINDOWS\ERDNT
2010-01-23 00:58:29 ----A---- D:\WINDOWS\WINCMD.INI
2010-01-23 00:48:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\Skype
2010-01-22 23:52:08 ----SHD---- D:\WINDOWS\Installer
2010-01-22 23:52:08 ----D---- D:\Config.Msi
2010-01-22 18:58:50 ----D---- D:\Program Files\Mozilla Thunderbird
2010-01-22 17:50:39 ----D---- D:\Program Files\Mozilla Firefox
2010-01-22 17:19:17 ----A---- D:\WINDOWS\win.ini
2010-01-21 22:51:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\Autodesk
2010-01-21 22:44:15 ----D---- D:\Program Files\Autodesk
2010-01-21 22:36:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-01-21 22:33:38 ----D---- D:\Program Files\Common Files\Autodesk Shared
2010-01-21 22:20:38 ----RSD---- D:\WINDOWS\Fonts
2010-01-21 10:19:42 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-01-21 03:50:36 ----HDC---- D:\WINDOWS\$NtUninstallKB973525$
2010-01-21 02:57:35 ----D---- D:\WINDOWS\Registration
2010-01-21 02:51:23 ----D---- D:\WINDOWS\Debug
2010-01-21 02:47:13 ----RSD---- D:\WINDOWS\assembly
2010-01-20 23:03:40 ----SD---- D:\WINDOWS\Downloaded Program Files
2010-01-20 22:25:02 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-20 22:24:39 ----HD---- D:\WINDOWS\$hf_mig$
2010-01-20 22:08:48 ----D---- D:\WINDOWS\WinSxS
2010-01-20 22:07:49 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-20 02:30:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-20 02:30:01 ----D---- D:\WINDOWS\Minidump
2010-01-20 02:25:08 ----D---- D:\Program Files\Microsoft Office
2010-01-20 02:23:26 ----D---- D:\Program Files\Common Files\Bluebeam Software
2010-01-20 02:22:43 ----D---- D:\Program Files\Common Files\SolidWorks Shared
2010-01-20 02:18:18 ----D---- D:\WINDOWS\system32\ShellExt
2010-01-19 00:59:47 ----D---- D:\Documents and Settings\Petr\Data aplikací\Alibre Design
2010-01-18 17:35:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-01-15 01:10:47 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-01-14 11:57:16 ----D---- D:\UniScan
2010-01-11 20:43:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\ColorImpact3
2010-01-09 21:12:17 ----D---- D:\WINDOWS\system32\NtmsData
2010-01-05 12:04:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-01-05 02:34:58 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-05 02:30:57 ----D---- D:\Program Files\Defraggler
2010-01-05 02:30:56 ----SD---- D:\WINDOWS\Tasks
2010-01-04 16:17:48 ----A---- D:\WINDOWS\system32\MRT.exe
2010-01-04 13:20:48 ----D---- D:\WINDOWS\system32\DirectX
2010-01-01 08:03:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\skypePM
2009-12-27 02:03:15 ----D---- D:\Program Files\Google
2009-12-26 01:55:02 ----D---- D:\Documents and Settings\Petr\Data aplikací\avidemux
2009-12-25 12:12:56 ----DC---- D:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; D:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-07 21275]
R2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; D:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-01-16 1957376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft AC Adapter Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; D:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 moufiltr;Labtec Wireless Laser Mouse; D:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-05-07 13824]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Stroage Device; D:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 tosporte;Bluetooth COM Port; D:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; D:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 41011;41011; \??\D:\WINDOWS\system32\41011.sys []
S3 apqt56rn;apqt56rn; D:\WINDOWS\system32\drivers\apqt56rn.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 catchme;catchme; \??\D:\DOCUME~1\Petr\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 ivusb;Initio Driver for USB Default Controller; D:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; D:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS; D:\WINDOWS\System32\Drivers\tosrfbd.sys [2007-04-24 113920]
S3 Tosrfbnp;Bluetooth RFBNEP; D:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:\WINDOWS\system32\drivers\TosRfSnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; D:\WINDOWS\System32\Drivers\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; D:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
R2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:\WINDOWS\System32\StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-05-27 102400]
R2 WDDMService;WD SmartWare Drive Manager; D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ACS;Atheros Configuration Service; D:\WINDOWS\system32\acs.exe [2009-11-12 278613]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-13 133104]
S2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; D:\Flexlm\lmgrd.exe []
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-11 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 hetbipqvewfg;hetbipqvewfg; D:\WINDOWS\system32\drivers\hetbipqvewfg.sys [2010-01-23 8576]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]
S3 UDGY;UDGY; D:\DOCUME~1\Petr\LOCALS~1\Temp\UDGY.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WXXLRUX;WXXLRUX; D:\DOCUME~1\Petr\LOCALS~1\Temp\WXXLRUX.exe []
S4 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-01-16 438272]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Infected notebook, freezes, boots slowly

Posted: 24 Jan 2010 11:23
by Rudy
You ran a ComboFix scan on 20 January. Post the log from it.

Re: Infected notebook, freezes, boots slowly

Posted: 24 Jan 2010 12:08
by zirael
The scan ran twice. I'm attaching both logs:
1.:

ComboFix 10-01-19.03 - Petr 20.01.2010 10:15:53.6.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1273 [GMT 1:00]
Spuštěný z: c:\tp02\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100120-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.

2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-05 01:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-04 12:25 . 2010-01-04 12:25 -------- d-----w- d:\program files\Nero
2010-01-03 15:20 . 2010-01-14 11:18 -------- d-----w- D:\VueScan
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2010-01-03 01:08 . 2010-01-03 01:37 -------- d-----w- d:\program files\office Convert Pdf to Jpg Jpeg Tiff Free
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 09:01 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-20 01:23 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2010-01-20 01:22 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2010-01-03 22:54 . 2009-11-11 00:09 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-12-03 18:30 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-25 16:42 . 2009-11-25 16:42 -------- d-----w- d:\program files\RealWorld Icon Editor
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 10:13 . 2009-11-19 20:27 -------- d-----w- d:\program files\WinSnap
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.

((((((((((((((((((((((((((((( SnapShot_2010-01-20_02.35.06 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-20 09:12 . 2010-01-20 09:12 16384 d:\windows\Temp\Perflib_Perfdata_770.dat
+ 2010-01-20 09:13 . 2010-01-20 09:13 16384 d:\windows\Temp\Perflib_Perfdata_264.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]

2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 10:27
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET CLR Data]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET CLR Networking]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET Data Provider for Oracle]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NET Data Provider for SqlServer]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\.NETFramework]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aavmker4]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ABBYY.Licensing.FineReader.Professional.9.0]
"ImagePath"="\"d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe\" -service"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Abiosdsk]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\abp480n5]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACPIEC]
"ImagePath"="system32\DRIVERS\ACPIEC.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ACS]
"ImagePath"="d:\windows\system32\acs.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\adpu160m]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aec]
"ImagePath"="system32\drivers\aec.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AegisP]
"ImagePath"="system32\DRIVERS\AegisP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aha154x]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aic78u2]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aic78xx]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AliIde]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\amsint]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AR5211]
"ImagePath"="system32\DRIVERS\ar5211.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AR5416]
"ImagePath"="system32\DRIVERS\athw.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc3350p]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\asc3550]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET_1.1.4322]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ASP.NET_2.0.50727]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Aspi32]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswFsBlk]
"ImagePath"="system32\DRIVERS\aswFsBlk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswMon2]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswRdr]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswSP]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswTdi]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\aswUpdSv]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\aswUpdSv.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AtcL002]
"ImagePath"="system32\DRIVERS\atl02_xp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atdisk]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ati HotKey Poller]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ati2mtag]
"ImagePath"="system32\DRIVERS\ati2mtag.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atierecord]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Autodesk Licensing Service]
"ImagePath"="\"d:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Antivirus]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashServ.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Mail Scanner]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashMaiSv.exe\" /service"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\avast! Web Scanner]
"ImagePath"="\"d:\program files\Alwil Software\Avast4\ashWebSv.exe\" /service"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Beep]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Bonjour Service]
"ImagePath"="\"d:\program files\Bonjour\mDNSResponder.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthEnum]
"ImagePath"="system32\DRIVERS\BthEnum.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthPan]
"ImagePath"="system32\DRIVERS\bthpan.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BTHPORT]
"ImagePath"="System32\Drivers\BTHport.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BthServ]
"ServiceDll"="%SystemRoot%\System32\bthserv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\BTHUSB]
"ImagePath"="System32\Drivers\BTHUSB.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\catchme]
"ImagePath"="\??\d:\docume~1\Petr\LOCALS~1\Temp\catchme.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cbidf2k]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cd20xrnt]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdaudio]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdfs]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Changer]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="d:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdAgent]
"ImagePath"="\"d:\program files\COMODO\COMODO Internet Security\cmdagent.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdGuard]
"ImagePath"="System32\DRIVERS\cmdguard.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\cmdHlp]
"ImagePath"="System32\DRIVERS\cmdhlp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CmdIde]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\COMSysApp]
"ImagePath"="d:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ContentFilter]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ContentIndex]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Cpqarray]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dac2w2k]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dac960nt]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot4]
"ImagePath"="system32\DRIVERS\Dot4.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Dot4Print]
"ImagePath"="system32\DRIVERS\Dot4Prt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dot4usb]
"ImagePath"="system32\DRIVERS\dot4usb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\dpti2o]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EC168BDA]
"ImagePath"="system32\DRIVERS\EC168BDA.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\EventSystem]
"ServiceDll"="d:\windows\system32\es.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fastfat]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fdc]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fips]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FLEXnet Licensing Service]
"ImagePath"="\"d:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Flpydisk]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FltMgr]
"ImagePath"="system32\drivers\fltmgr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\FontCache3.0.0.0]
"ImagePath"="d:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Fs_Rec]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\gupdate]
"ImagePath"="\"d:\program files\Google\Update\GoogleUpdate.exe\" /svc"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\gusvc]
"ImagePath"="\"d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HidUsb]
"ImagePath"="system32\DRIVERS\hidusb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\hpn]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i2omgmt]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i2omp]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IDriverT]
"ImagePath"="\"d:\program files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\idsvc]
"ImagePath"="\"d:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\inetaccs]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ini910u]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Inport]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Inspect]
"ImagePath"="System32\DRIVERS\inspect.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IntelIde]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\intelppm]
"ImagePath"="system32\DRIVERS\intelppm.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ip6Fw]
"ImagePath"="system32\drivers\ip6fw.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ISAPISearch]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ivusb]
"ImagePath"="system32\DRIVERS\ivusb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\JavaQuickStarterService]
"ImagePath"="\"d:\program files\Java\jre6\bin\jqs.exe\" -service -config \"d:\program files\Java\jre6\lib\deploy\jqs\jqs.conf\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\kbdhid]
"ImagePath"="system32\DRIVERS\kbdhid.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\KSecDD]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lanmanserver]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\lbrtfdc]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ldap]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\LicenseService]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mcdbus]
"ImagePath"="system32\DRIVERS\mcdbus.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mnmdd]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mnmsrvc]
"ImagePath"="d:\windows\system32\mnmsrvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Modem]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MODEMCSA]
"ImagePath"="system32\drivers\MODEMCSA.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\moufiltr]
"ImagePath"="system32\DRIVERS\moufiltr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MountMgr]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MPE]
"ImagePath"="system32\DRIVERS\MPE.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mraid35x]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSDTC]
"ImagePath"="d:\windows\system32\msdtc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSDTC Bridge 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Msfs]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSIServer]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\MTsensor]
"ImagePath"="system32\DRIVERS\ATKACPI.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Mup]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NDIS]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NDProxy]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NetTcpPortSharing]
"ImagePath"="\"d:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NMSAccess]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NMSAccessU]
"ImagePath"="c:\program files\CDBurnerXP\NMSAccessU.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\nmwcd]
"ImagePath"="system32\drivers\ccdcmb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\nmwcdc]
"ImagePath"="system32\drivers\ccdcmbo.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Npfs]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ntfs]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Null]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\odserv]
"ImagePath"="\"d:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ose]
"ImagePath"="\"d:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Parport]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PartMgr]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ParVdm]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\pccsmcfd]
"ImagePath"="system32\DRIVERS\pccsmcfd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCIDump]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Pcmcia]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDCOMP]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDFRAME]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDRELI]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PDRFRAME]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\perc2]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\perc2hib]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfDisk]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfNet]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfOS]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PerfProc]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Pml Driver HPZ12]
"ImagePath"="d:\windows\system32\HPZipm12.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\PxHelp20]
"ImagePath"="System32\Drivers\PxHelp20.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1080]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Ql10wnt]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql12160]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1240]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ql1280]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPDD]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPNP]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDPWD]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RDSessMgr]
"ImagePath"="d:\windows\system32\sessmgr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RFCOMM]
"ImagePath"="system32\DRIVERS\rfcomm.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\RTSTOR]
"ImagePath"="system32\drivers\RTSTOR.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ScsiPort]
"ImagePath"="%SystemRoot%\system32\drivers\scsiport.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sentinel]
"ImagePath"="\SystemRoot\System32\Drivers\SENTINEL.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Serial]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceLayer]
"ImagePath"="\"d:\program files\PC Connectivity Solution\ServiceLayer.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelEndpoint 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelOperation 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ServiceModelService 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sfloppy]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Simbad]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\smserial]
"ImagePath"="system32\DRIVERS\smserial.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SMSvcHost 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SolidWorks SolidNetWork License Manager]
"ImagePath"="d:\flexlm\lmgrd.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Sparrow]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sptd]
"ImagePath"="System32\Drivers\sptd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sr]
"ImagePath"="system32\DRIVERS\sr.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StarOpen]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StkCMini]
"ImagePath"="System32\Drivers\StkCMini.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\StkSSrv]
"ImagePath"="%SystemRoot%\System32\StkCSrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SwPrv]
"ImagePath"="d:\windows\system32\dllhost.exe /Processid:{B831D5FD-0681-4EAB-9657-3ED99606C662}"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\swwd]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\symc810]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\symc8xx]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sym_hi]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sym_u3]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TDPIPE]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TDTCP]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TOSHIBA Bluetooth Service]
"ImagePath"="d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\toshidpt]
"ImagePath"="system32\drivers\Toshidpt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TosIde]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\tosporte]
"ImagePath"="system32\DRIVERS\tosporte.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfbd]
"ImagePath"="System32\Drivers\tosrfbd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfbnp]
"ImagePath"="System32\Drivers\tosrfbnp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfcom]
"ImagePath"="System32\Drivers\tosrfcom.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfhid]
"ImagePath"="system32\DRIVERS\Tosrfhid.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\tosrfnds]
"ImagePath"="system32\DRIVERS\tosrfnds.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TosRfSnd]
"ImagePath"="system32\drivers\TosRfSnd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Tosrfusb]
"ImagePath"="System32\Drivers\tosrfusb.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TSDDD]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\TVICHW32]
"ImagePath"="\??\d:\windows\system32\DRIVERS\TVICHW32.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Udfs]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\UDGY]
"ImagePath"="d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ultra]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\upperdev]
"ImagePath"="system32\DRIVERS\usbser_lowerflt.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbprint]
"ImagePath"="system32\DRIVERS\usbprint.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbscan]
"ImagePath"="system32\DRIVERS\usbscan.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbser]
"ImagePath"="system32\DRIVERS\usbser.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\usbstor]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\USB_RNDIS]
"ImagePath"="system32\DRIVERS\usb8023k.sys"
--

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\ViaIde]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VolSnap]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\W3SVC]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDBtnMgrSvc.exe]
"ImagePath"="\"d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDC_SAM]
"ImagePath"="system32\DRIVERS\wdcsam.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDDMService]
"ImagePath"="\"d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wdf01000]
"ImagePath"="System32\Drivers\wdf01000.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDICA]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WDSmartWareBackgroundService]
"ImagePath"="\"d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Windows Workflow Foundation 3.0.0.0]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Winsock]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WinSock2]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WinTrust]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmdmPmSN]
"ServiceDll"="d:\windows\system32\MsPMSNSv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\Wmi]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmiApRpl]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WmiApSrv]
"ImagePath"="d:\windows\system32\wbem\wmiapsrv.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WMPNetworkSvc]
"ImagePath"="\"d:\program files\Windows Media Player\WMPNetwk.exe\""

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WS2IFSL]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\wuauserv]
"ServiceDll"="c:\windows\system32\wuauserv.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WXXLRUX]
"ImagePath"="d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{07F34542-5134-4B77-A62F-64BC9CA6F6F9}]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{6587D45A-4C75-463D-9E83-8844BB8E9C3A}]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{921C2F14-C2CD-4FBE-A925-E771AE7F7CD1}]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{D7D4A8A8-0901-4D1F-BA83-502CE2D3E811}]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{E4E15F59-17E0-4758-AF52-928A8D274B5A}]

[HKEY_LOCAL_MACHINE\System\ControlSet013\Services\{FD2D259D-D4BE-46CB-B65A-530E6DE6B9FC}]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(840)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-20 10:32:42
ComboFix-quarantined-files.txt 2010-01-20 09:32
ComboFix2.txt 2010-01-20 02:40
ComboFix3.txt 2009-11-23 01:27
ComboFix4.txt 2009-11-23 00:55
ComboFix5.txt 2010-01-20 09:14

Před spuštěním: Volných bajtů: 50 278 645 760
Po spuštění: Volných bajtů: 50 228 142 080

Current=13 Default=13 Failed=12 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14
- - End Of File - - 7FE3972FF62C30F2B0A49175F63719FB

Re: Infected laptop, freezes, boots slowly

Posted: 24 Jan 2010 12:10
by zirael
and here is the 2nd one:

ComboFix 10-01-19.03 - Petr 20.01.2010 3:23.5.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1302 [GMT 1:00]
Spuštěný z: c:\tp02\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100119-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\windows\a3kebook.ini
d:\windows\akebook.ini
d:\windows\ANS2000.INI
d:\windows\system32\Winacprd0.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-20 do 2010-01-20 )))))))))))))))))))))))))))))))
.

2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-05 01:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-04 12:25 . 2010-01-04 12:25 -------- d-----w- d:\program files\Nero
2010-01-03 15:20 . 2010-01-14 11:18 -------- d-----w- D:\VueScan
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2010-01-03 01:08 . 2010-01-03 01:37 -------- d-----w- d:\program files\office Convert Pdf to Jpg Jpeg Tiff Free
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-20 01:49 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-20 01:26 . 2009-11-10 22:48 -------- d-----w- d:\program files\SolidWorks
2010-01-20 01:23 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2010-01-20 01:22 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2010-01-20 01:03 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Explorer
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2010-01-03 22:54 . 2009-11-11 00:09 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-12-03 18:30 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-25 16:42 . 2009-11-25 16:42 -------- d-----w- d:\program files\RealWorld Icon Editor
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 10:13 . 2009-11-19 20:27 -------- d-----w- d:\program files\WinSnap
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.

((((((((((((((((((((((((((((( SnapShot@2009-11-12_13.16.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-20 02:20 . 2010-01-20 02:20 16384 d:\windows\Temp\Perflib_Perfdata_76c.dat
+ 2010-01-20 02:20 . 2010-01-20 02:20 16384 d:\windows\Temp\Perflib_Perfdata_71c.dat
+ 2006-09-28 16:56 . 2008-01-18 23:37 55296 d:\windows\system32\WudfSvc.dll
+ 2006-09-28 18:13 . 2008-01-18 23:37 87552 d:\windows\system32\WUDFCoinstaller.dll
+ 2009-11-19 21:05 . 2004-05-17 19:59 36864 d:\windows\system32\VectorizeForm.dll
+ 2009-11-19 21:05 . 2000-06-25 23:16 24576 d:\windows\system32\SysInfoServer.dll
+ 2009-11-19 21:05 . 1998-10-14 18:41 27648 d:\windows\system32\SSubTmr.dll
+ 2010-01-03 01:09 . 2007-09-14 09:42 90624 d:\windows\system32\spool\drivers\w32x86\3\tinypdf2.dll
+ 2010-01-03 01:09 . 2007-09-14 09:41 36352 d:\windows\system32\spool\drivers\w32x86\3\tinypdf.dll
+ 2009-12-10 12:03 . 2006-05-25 18:03 86105 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPLpr.exe
+ 2009-12-10 12:03 . 2006-05-25 18:03 69721 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPFcs.dll
+ 2009-12-10 12:03 . 2006-05-25 17:46 41062 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCOM.dll
+ 2009-12-10 12:03 . 2006-05-25 18:06 81920 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCo2.dll
+ 2009-12-10 12:03 . 2006-05-25 17:46 94297 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPAPI.dll
+ 2009-12-10 12:03 . 2006-05-25 17:45 82012 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynCOM.dll
+ 2009-12-10 12:03 . 2006-05-25 18:06 81920 d:\windows\system32\ReinstallBackups\0007\DriverFiles\InstNT.exe
+ 2009-12-10 12:03 . 2008-04-14 02:06 23040 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\mouclass.sys
+ 2009-12-10 12:03 . 2008-04-14 02:21 52096 d:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\i8042prt.sys
+ 2009-11-19 21:05 . 2000-06-25 23:14 24576 d:\windows\system32\RegServer.dll
+ 2009-09-16 23:15 . 2009-10-06 10:52 91136 d:\windows\system32\nmwcdcls.dll
- 2009-09-16 23:15 . 2009-02-09 06:37 91136 d:\windows\system32\nmwcdcls.dll
+ 2009-11-19 21:05 . 2002-02-16 09:48 24576 d:\windows\system32\N3DTypeLib.dll
+ 2009-01-22 03:16 . 2009-01-22 03:16 88904 d:\windows\system32\msxml4r.dll
+ 2009-03-25 10:43 . 2009-03-25 10:43 44544 d:\windows\system32\msxml4a.dll
+ 2009-09-11 21:47 . 2009-12-18 13:40 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
- 2009-09-11 21:47 . 2009-10-06 21:23 84661 d:\windows\system32\Macromed\Flash\uninstall_plugin.exe
+ 2009-12-16 02:07 . 2008-08-26 08:26 18816 d:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
- 2009-09-16 23:16 . 2008-08-26 08:26 18816 d:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2009-12-10 12:03 . 2007-05-07 10:49 13824 d:\windows\system32\DRVSTORE\moufiltr_8BC4FD94BD9C7DB1EC017BFDD34FE86096300CB6\moufiltr.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 22016 d:\windows\system32\DRVSTORE\ccdcmbo_10FA6A921E353BE9BB700451FBD26A6E839F5860\ccdcmbo.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 91136 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdcls.dll
+ 2009-12-16 02:05 . 2009-10-06 10:52 17664 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\ccdcmb.sys
+ 2006-09-28 17:00 . 2008-01-18 21:53 83328 d:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 16:55 . 2008-01-18 21:52 77696 d:\windows\system32\drivers\WudfPf.sys
- 2009-09-16 23:16 . 2008-08-26 08:26 18816 d:\windows\system32\drivers\pccsmcfd.sys
+ 2009-12-16 02:07 . 2008-08-26 08:26 18816 d:\windows\system32\drivers\pccsmcfd.sys
+ 2009-12-10 12:03 . 2007-05-07 10:49 13824 d:\windows\system32\drivers\moufiltr.sys
+ 2004-08-17 15:43 . 2008-04-14 03:06 23040 d:\windows\system32\drivers\mouclass.sys
- 2004-08-17 15:43 . 2008-04-14 02:06 23040 d:\windows\system32\drivers\mouclass.sys
- 2006-03-02 12:00 . 2008-04-14 02:21 52096 d:\windows\system32\drivers\i8042prt.sys
+ 2006-03-02 12:00 . 2008-04-14 03:21 52096 d:\windows\system32\drivers\i8042prt.sys
- 2009-09-16 23:15 . 2009-02-09 06:37 22016 d:\windows\system32\drivers\ccdcmbo.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 22016 d:\windows\system32\drivers\ccdcmbo.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 17664 d:\windows\system32\drivers\ccdcmb.sys
- 2009-09-16 23:15 . 2009-02-09 06:37 17664 d:\windows\system32\drivers\ccdcmb.sys
+ 2009-11-23 01:41 . 2009-09-15 11:56 94160 d:\windows\system32\drivers\aswmon2.sys
+ 2009-11-23 01:41 . 2009-09-15 11:55 20560 d:\windows\system32\drivers\aswFsBlk.sys
+ 2004-08-17 15:43 . 2008-04-14 03:06 23040 d:\windows\system32\dllcache\mouclass.sys
+ 2006-03-02 12:00 . 2008-04-14 03:21 52096 d:\windows\system32\dllcache\i8042prt.sys
+ 2009-11-19 21:05 . 2006-03-28 07:23 49152 d:\windows\N3DScreenSaver.scr
+ 2009-12-05 22:41 . 2009-12-05 22:41 29926 d:\windows\Installer\{E7081891-BC7F-43F9-9CE6-B5DD2F497156}\_6FEFF9B68218417F98F549.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe1_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\googleearth.exe_F6A848FB884248E6A4CDCBDCF41F6A74.exe
+ 2009-12-27 01:03 . 2009-12-27 01:03 25214 d:\windows\Installer\{C084BC61-E537-11DE-8616-005056806466}\ARPPRODUCTICON.exe
+ 2009-12-16 02:11 . 2009-12-16 02:11 15086 d:\windows\Installer\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\ARPPRODUCTICON.exe
+ 2009-12-04 23:03 . 2009-12-04 23:03 25214 d:\windows\Installer\{9074AFC0-CFDA-11DE-B484-005056806466}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe
+ 2009-12-16 02:07 . 2009-12-16 02:07 10134 d:\windows\Installer\{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}\ARPPRODUCTICON.exe
- 2009-09-16 20:04 . 2009-09-16 20:04 11264 d:\windows\Installer\{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}\Icon682ABE6A.exe
+ 2009-11-29 08:57 . 2009-11-29 08:57 11264 d:\windows\Installer\{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}\Icon682ABE6A.exe
+ 2009-11-13 00:27 . 2009-11-13 00:27 79712 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.SimpleProviders\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.SimpleProviders.dll
+ 2009-11-13 00:27 . 2009-11-13 00:27 87904 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.MetadataStorage\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.MetadataStorage.dll
+ 2009-11-13 00:27 . 2009-11-13 00:27 63328 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization.Files\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.Files.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 55808 d:\windows\$NtUninstallWudf01007$\wudfsvc.dll
+ 2009-12-16 02:15 . 2006-09-28 17:00 82944 d:\windows\$NtUninstallWudf01007$\wudfrd.sys
+ 2009-12-16 02:15 . 2006-09-28 16:55 77568 d:\windows\$NtUninstallWudf01007$\wudfpf.sys
+ 2009-12-16 02:15 . 2006-09-28 18:13 95344 d:\windows\$NtUninstallWudf01007$\wudfcoinstaller.dll
+ 2009-12-16 02:15 . 2008-01-18 21:53 72704 d:\windows\$NtUninstallWudf01007$\spuninst\WudfCustom.dll
+ 2009-10-29 10:01 . 2006-07-31 10:56 4096 d:\windows\system32\HUCoInstaller.dll
- 2009-10-29 10:01 . 2006-07-31 03:56 4096 d:\windows\system32\HUCoInstaller.dll
+ 2009-12-16 02:05 . 2009-10-06 10:56 8320 d:\windows\system32\DRVSTORE\nmwcdnsuc_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdnsuc.sys
+ 2009-12-10 12:03 . 2007-03-22 08:09 9600 d:\windows\system32\DRVSTORE\musbfltr_FCBE6EF47F1D2F77FED7F99727CE93012BFA5A10\MUsbFltr.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 7936 d:\windows\system32\DRVSTORE\ccdcmbm_10FA6A921E353BE9BB700451FBD26A6E839F5860\usbser_lowerflt.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 7936 d:\windows\system32\DRVSTORE\ccdcmbcj_10FA6A921E353BE9BB700451FBD26A6E839F5860\usbser_lowerfltj.sys
+ 2009-09-16 23:15 . 2009-10-06 10:52 7936 d:\windows\system32\drivers\usbser_lowerflt.sys
+ 2009-11-13 00:27 . 2009-11-13 00:27 9454 d:\windows\Installer\{A066194B-DC8F-449A-8E0F-B57BDD3A2072}\_6FEFF9B68218417F98F549.exe
+ 2009-12-16 02:05 . 2009-12-16 02:05 3262 d:\windows\Installer\{6869591A-7DD8-46D2-837F-57CBF7358955}\ARPPRODUCTICON.exe
+ 2006-09-28 16:56 . 2008-01-18 23:37 305152 d:\windows\system32\WUDFx.dll
+ 2006-09-28 16:56 . 2008-01-18 21:52 163840 d:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56 . 2008-01-18 23:33 142336 d:\windows\system32\WudfHost.exe
+ 2009-11-16 09:09 . 2007-09-14 07:06 139264 d:\windows\system32\uniflexsup.dll
+ 2009-11-13 00:26 . 2003-06-25 15:05 266360 d:\windows\system32\TweakUI.exe
+ 2010-01-03 01:09 . 2007-09-14 09:41 405504 d:\windows\system32\spool\drivers\w32x86\3\tinypdf1.dll
+ 2009-12-10 12:03 . 2006-05-25 18:03 225280 d:\windows\system32\ReinstallBackups\0007\DriverFiles\Tutorial.exe
+ 2009-12-10 12:03 . 2006-05-25 17:39 163840 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynZMetr.exe
+ 2009-12-10 12:03 . 2006-05-25 18:02 786521 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPEnh.exe
+ 2009-12-10 12:03 . 2006-05-25 17:40 193088 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTP.sys
+ 2009-12-10 12:03 . 2006-05-25 17:39 147456 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynMood.exe
+ 2009-12-10 12:03 . 2006-05-25 18:04 557056 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynISDLL.dll
+ 2009-12-10 12:03 . 2006-05-25 17:45 114688 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynCtrl.dll
+ 2009-09-16 23:15 . 2009-10-06 10:52 660480 d:\windows\system32\nmwcdcocls.dll
+ 2009-11-19 21:05 . 2003-09-27 20:41 356352 d:\windows\system32\N3DCommon.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2009-07-18 03:21 . 2009-07-18 03:21 257440 d:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2009-10-28 03:31 . 2009-10-28 03:31 257440 d:\windows\system32\Macromed\Flash\FlashUtil10d.exe
+ 2009-11-19 21:05 . 1999-02-09 09:46 137728 d:\windows\system32\ijl10.dll
+ 2009-09-07 21:17 . 2010-01-20 01:47 518544 d:\windows\system32\FNTCACHE.DAT
- 2009-09-16 23:16 . 2009-05-11 11:30 547840 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2009-12-16 02:07 . 2009-05-11 11:30 547840 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2009-12-16 02:05 . 2009-10-06 10:56 136704 d:\windows\system32\DRVSTORE\nmwcdnsu_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdnsu.sys
+ 2009-12-16 02:05 . 2009-10-06 10:52 660480 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\nmwcdcocls.dll
+ 2009-05-11 11:30 . 2009-05-11 11:30 547840 d:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2009-11-23 01:41 . 2009-09-15 11:55 114768 d:\windows\system32\drivers\aswSP.sys
+ 2009-11-19 21:05 . 1999-05-31 16:03 137216 d:\windows\system32\cNewMenu.dll
+ 2009-12-05 22:41 . 2009-12-05 22:41 276480 d:\windows\Installer\dd718aa.msi
+ 2009-11-25 16:42 . 2009-11-25 16:42 692224 d:\windows\Installer\d8142f8.msi
+ 2009-11-29 08:57 . 2009-11-29 08:57 950272 d:\windows\Installer\c9903f8.msi
+ 2009-12-26 23:22 . 2009-12-26 23:22 836096 d:\windows\Installer\7aaf3f1.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 782848 d:\windows\Installer\1d5893d.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 691200 d:\windows\Installer\1d58939.msi
+ 2009-11-13 00:27 . 2009-11-13 00:27 312320 d:\windows\Installer\1d58932.msi
+ 2009-12-16 02:11 . 2009-12-16 02:11 858624 d:\windows\Installer\1d22a105.msi
+ 2009-12-16 02:07 . 2009-12-16 02:07 496128 d:\windows\Installer\1d22a05d.msi
+ 2009-12-16 02:05 . 2009-12-16 02:05 331776 d:\windows\Installer\1d22a025.msi
+ 2009-12-16 02:04 . 2009-12-16 02:04 215552 d:\windows\Installer\1d22a007.msi
+ 2009-12-28 21:27 . 2009-12-28 21:27 192512 d:\windows\Installer\{E692347E-2AFA-44AE-8197-5A34308B84CC}\ARPPRODUCTICON.exe
+ 2009-12-18 21:25 . 2009-12-18 21:25 271542 d:\windows\Installer\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}\controlPanelIcon.exe
+ 2003-02-21 13:42 . 2003-02-21 13:42 348160 d:\windows\Installer\$PatchCache$\Managed\E743296EAFA2EA441879A54303B848CC\1.24.0\msvcr71.dll
+ 2009-11-15 21:15 . 2009-11-15 21:15 450048 d:\windows\DHTML Menu Builder\uninstall.exe
+ 2009-11-13 00:27 . 2009-11-13 00:27 288608 d:\windows\assembly\GAC_MSIL\Microsoft.Synchronization\2.0.0.0__89845dcd8080cc91\Microsoft.Synchronization.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 316416 d:\windows\$NtUninstallWudf01007$\wudfx.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 165376 d:\windows\$NtUninstallWudf01007$\wudfplatform.dll
+ 2009-12-16 02:15 . 2006-09-28 16:56 146432 d:\windows\$NtUninstallWudf01007$\wudfhost.exe
+ 2009-12-16 02:15 . 2008-03-21 12:57 379184 d:\windows\$NtUninstallWudf01007$\spuninst\updspapi.dll
+ 2009-12-16 02:15 . 2008-03-21 12:57 221488 d:\windows\$NtUninstallWudf01007$\spuninst\spuninst.exe
+ 2009-05-11 10:47 . 2009-05-11 10:47 1302600 d:\windows\system32\WUDFUpdate_01007.dll
+ 2009-12-10 12:03 . 2006-05-25 17:52 6139993 d:\windows\system32\ReinstallBackups\0007\DriverFiles\SynTPCpl.dll
+ 2009-01-22 03:14 . 2009-01-22 03:14 1328968 d:\windows\system32\msxml4.dll
- 2006-03-02 12:00 . 2004-02-22 23:00 1386496 d:\windows\system32\MSVBVM60.DLL
+ 2004-02-17 17:57 . 2004-02-23 10:42 1386496 d:\windows\system32\msvbvm60.dll
+ 2009-10-28 03:40 . 2009-10-28 03:40 3885984 d:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-09-16 23:16 . 2009-05-11 10:47 1302600 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2009-12-16 02:07 . 2009-05-11 10:47 1302600 d:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2009-12-16 02:05 . 2009-10-06 10:55 1112288 d:\windows\system32\DRVSTORE\ccdcmb_10FA6A921E353BE9BB700451FBD26A6E839F5860\wdfcoinstaller01007.dll
+ 2010-01-04 12:22 . 2005-12-05 17:09 2323664 d:\windows\system32\d3dx9_28.dll
- 2009-09-14 19:41 . 2009-09-14 19:41 3731456 d:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-09-14 19:41 . 2009-11-12 14:04 3731456 d:\windows\system32\config\systemprofile\ntuser.dat
+ 2009-12-27 01:03 . 2009-12-27 01:03 1262080 d:\windows\Installer\80566a1.msi
+ 2009-12-18 21:25 . 2009-12-18 21:25 1141248 d:\windows\Installer\5ebc6.msi
+ 2009-12-28 21:27 . 2009-12-28 21:27 1495040 d:\windows\Installer\4b43b87.msi
+ 2009-12-03 18:30 . 2009-12-03 18:30 1236480 d:\windows\Installer\2a4b1d6.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Firefox"="d:\program files\Mozilla Firefox\firefox -turbo" [X]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"FLMOFFICE4DMOUSE"="d:\program files\Labtec\Mouse\2.1\moffice.exe" [2009-12-10 958464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe [10.11.2009 23:22 630272]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]

2010-01-20 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-NWEReboot - (no file)
ActiveSetup-ccc-core-static - msiexec



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 03:34
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwClose, ZwOpenFile

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-01-20 03:39:57
ComboFix-quarantined-files.txt 2010-01-20 02:39
ComboFix2.txt 2009-11-23 01:27
ComboFix3.txt 2009-11-23 00:55
ComboFix4.txt 2009-11-16 13:23
ComboFix5.txt 2010-01-20 02:21

Před spuštěním: Volných bajtů: 50 287 403 008
Po spuštění: Volných bajtů: 50 244 497 408

Current=13 Default=13 Failed=12 LastKnownGood=14 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14
- - End Of File - - 27DBF02D7671A63BA9C8AA1BA4AA958A

Re: Virus-infected notebook, freezes, boots slowly

Posted: 24 Jan 2010 13:42
by Rudy
Move ComboFix to the desktop. Open Notepad and copy the following into it:
Collect::
d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe
d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe

Driver::
UDGY
WXXLRUX
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: Virus-infected notebook, freezes, boots slowly

Posted: 25 Jan 2010 09:43
by zirael
Thanks for the advice. The computer is now "alive", but it keeps freezing. When two or more windows are open, an application will go "not responding", and for a veeeery long time at that. The system looks overloaded, even though according to the readout it is "running" at a few percent and memory use is about 800M out of 2G.
I am attaching the RSIT log and asking for advice... it is a work computer and I am quite unhappy about all this. By the way, mfnhk32.dll and mfnsp32.dll are "hanging" in there and cannot be removed in any way, HBPRO.exe, which I cannot identify, shows up in the process manager from time to time, and AVG Anti-Root Kit keeps reporting the presence of root viruses. Thank you very much in advance!!!

Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2010-01-25 09:42:17
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 47 GB (67%) free of 69 GB
Total RAM: 1919 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:42:41, on 25.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\StkCSrv.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\ATK0100\HControl.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\ATK0100\ATKOSD.exe
D:\WINDOWS\sm56hlpr.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\Program Files\Atheros\ACU.exe
D:\Program Files\ASUS\ASUS Live Update\ALU.exe
D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
D:\WINDOWS\system32\rundll32.exe
D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\totalcmd\TotalCmd.exe
D:\WINDOWS\system32\taskmgr.exe
c:\Anti-Rooty\RSIT.exe
D:\Program Files\trend micro\Petr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HControl] D:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SMSERIAL] D:\WINDOWS\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "D:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [ASUS Live Update] D:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [StatusClient] D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WD Drive Manager] D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKCU\..\Run: [DetectTray] C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Nastavení myši Labtec.lnk = ?
O4 - Global Startup: WDDMStatus.lnk = D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O10 - Unknown file in Winsock LSP: d:\program files\http debugger pro\mfnsp32.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2678920015
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - D:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - D:\WINDOWS\System32\StkCSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 11848 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Defraggler Volume C Task.job
D:\WINDOWS\tasks\Defraggler Volume D Task.job
D:\WINDOWS\tasks\Defraggler Volume G Task.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - D:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=D:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-03-26 16859136]
"SMSERIAL"=D:\WINDOWS\sm56hlpr.exe [2006-03-21 544768]
"SynTPEnh"=D:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ACU"=D:\Program Files\Atheros\ACU.exe [2006-07-04 336001]
"ASUS Live Update"=D:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"StatusClient"=D:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=D:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"WD Drive Manager"=D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-05-27 450560]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2009-11-18 1800464]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"NeroFilterCheck"=D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=D:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-25 1043968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"=C:\Program Files\Genius\TVGo DVB-T02PRO\DetectTray.exe [2007-09-21 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3
"SQLAgent$INVENTORCONTENT"=3

D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Nastavení myši Labtec.lnk - D:\Program Files\Software laserové myši Labtec\MulMouse.exe
WDDMStatus.lnk - D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2007-01-16 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="D:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\WINDOWS\system32\mmc.exe"="D:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe"="D:\Documents and Settings\Petr\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.scr - open - D:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-01-24 23:06:34 ----SHD---- D:\RECYCLER
2010-01-24 23:04:39 ----A---- D:\ComboFix.txt
2010-01-24 14:05:23 ----D---- D:\Documents and Settings\Petr\Data aplikací\Malwarebytes
2010-01-24 14:05:17 ----D---- D:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-24 14:05:14 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2010-01-24 13:50:37 ----D---- D:\!KillBox
2010-01-24 13:38:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Uniblue
2010-01-24 03:08:49 ----D---- D:\Program Files\Common Files\ParetoLogic
2010-01-24 02:53:28 ----D---- D:\Program Files\trend micro
2010-01-24 02:53:27 ----D---- D:\rsit
2010-01-24 01:58:54 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-01-24 00:22:34 ----D---- D:\WINDOWS\setup.pss
2010-01-22 23:51:49 ----D---- D:\Program Files\Common Files\ParallelGraphics
2010-01-22 23:46:55 ----D---- D:\Program Files\PlotSoft
2010-01-22 23:46:55 ----D---- D:\Documents and Settings\All Users\Data aplikací\PlotSoft
2010-01-22 23:44:45 ----D---- D:\Program Files\HTTP Debugger Pro
2010-01-22 17:20:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\Greenshot
2010-01-22 00:24:31 ----D---- D:\WINDOWS\pss
2010-01-21 09:18:44 ----D---- D:\Program Files\GRISOFT
2010-01-21 08:58:58 ----A---- D:\WINDOWS\system32\tmp.txt
2010-01-21 08:58:30 ----A---- D:\rapport.txt
2010-01-20 23:22:29 ----D---- D:\Program Files\Microsoft WSE
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsqlgc.dll
2010-01-20 22:55:01 ----N---- D:\WINDOWS\system32\dbmsgnet.dll
2010-01-20 22:53:53 ----D---- D:\Program Files\Microsoft SQL Server
2010-01-20 22:24:59 ----HDC---- D:\WINDOWS\$NtUninstallKB970430$
2010-01-20 22:24:50 ----HDC---- D:\WINDOWS\$NtUninstallKB976098-v2$
2010-01-20 22:24:41 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2010-01-20 22:24:30 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2010-01-20 22:24:02 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2010-01-20 22:23:16 ----HDC---- D:\WINDOWS\$NtUninstallKB976325$
2010-01-20 22:08:46 ----D---- D:\Program Files\MSXML 4.0
2010-01-20 22:08:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2010-01-20 22:07:56 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2010-01-20 22:06:49 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2010-01-20 22:05:03 ----HDC---- D:\WINDOWS\$NtUninstallKB971737$
2010-01-20 21:41:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Ahead
2010-01-20 21:38:18 ----D---- D:\Program Files\Nero
2010-01-20 21:25:00 ----A---- D:\WINDOWS\UPGRADE.TXT
2010-01-20 03:21:36 ----A---- D:\WINDOWS\NIRCMD.exe
2010-01-20 03:21:36 ----A---- D:\WINDOWS\MBR.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\zip.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWXCACLS.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWSC.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\SWREG.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\sed.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\PEV.exe
2010-01-20 03:21:35 ----A---- D:\WINDOWS\grep.exe
2010-01-13 22:46:23 ----A---- D:\WINDOWS\ROZPOCTY.INI
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xfontman.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\xaradocg.dll
2010-01-11 21:27:36 ----A---- D:\WINDOWS\system32\BMPImporter.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templop.dll
2010-01-11 21:27:33 ----A---- D:\WINDOWS\system32\templman.dll
2010-01-04 13:25:20 ----D---- D:\Program Files\Common Files\Ahead
2010-01-04 13:22:24 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2010-01-04 00:04:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Musicnotes
2010-01-03 15:38:35 ----D---- D:\Program Files\Musicnotes
2010-01-03 02:26:50 ----D---- D:\Program Files\Advanced PDF to IMAGE converter
2010-01-02 22:28:43 ----D---- D:\Documents and Settings\Petr\Data aplikací\Foxit Software
2009-12-28 22:27:01 ----D---- D:\Program Files\Software602

======List of files/folders modified in the last 1 months======

2010-01-25 09:41:09 ----D---- D:\WINDOWS\Prefetch
2010-01-25 09:34:13 ----A---- D:\WINDOWS\WINCMD.INI
2010-01-25 08:42:16 ----D---- D:\Program Files\Mozilla Firefox
2010-01-25 08:41:57 ----D---- D:\WINDOWS\Temp
2010-01-25 08:35:15 ----D---- D:\WINDOWS\system32\CatRoot2
2010-01-25 08:31:56 ----D---- D:\WINDOWS\system32\drivers
2010-01-25 08:31:56 ----D---- D:\WINDOWS\system32
2010-01-25 02:24:43 ----D---- D:\WINDOWS
2010-01-25 01:38:21 ----D---- D:\Program Files\Mozilla Thunderbird
2010-01-24 23:22:25 ----HDC---- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-01-24 23:10:23 ----RD---- D:\Program Files
2010-01-24 23:06:34 ----D---- D:\WINDOWS\Debug
2010-01-24 23:04:57 ----AD---- D:\Qoobox
2010-01-24 22:54:02 ----A---- D:\WINDOWS\system.ini
2010-01-24 22:50:09 ----D---- D:\WINDOWS\system32\config
2010-01-24 22:49:44 ----D---- D:\WINDOWS\ERDNT
2010-01-24 22:45:18 ----D---- D:\WINDOWS\AppPatch
2010-01-24 22:45:15 ----AD---- D:\Program Files\Common Files
2010-01-24 22:34:08 ----RD---- D:\WINDOWS\Offline Web Pages
2010-01-24 21:15:28 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-01-24 19:25:09 ----D---- D:\Documents and Settings\Petr\Data aplikací\Skype
2010-01-24 13:31:21 ----A---- D:\WINDOWS\win.ini
2010-01-24 04:27:15 ----D---- D:\Config.Msi
2010-01-24 04:02:11 ----SHD---- D:\WINDOWS\Installer
2010-01-24 04:02:04 ----D---- D:\Documents and Settings\All Users\Data aplikací\ParetoLogic
2010-01-24 03:59:54 ----SD---- D:\WINDOWS\Tasks
2010-01-24 00:54:30 ----D---- D:\WINDOWS\system32\LogFiles
2010-01-23 22:23:56 ----HD---- D:\WINDOWS\inf
2010-01-23 22:23:51 ----D---- D:\Documents and Settings
2010-01-21 22:51:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\Autodesk
2010-01-21 22:44:15 ----D---- D:\Program Files\Autodesk
2010-01-21 22:36:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-01-21 22:33:38 ----D---- D:\Program Files\Common Files\Autodesk Shared
2010-01-21 22:20:38 ----RSD---- D:\WINDOWS\Fonts
2010-01-21 03:50:36 ----HDC---- D:\WINDOWS\$NtUninstallKB973525$
2010-01-21 02:57:35 ----D---- D:\WINDOWS\Registration
2010-01-21 02:47:13 ----RSD---- D:\WINDOWS\assembly
2010-01-20 23:03:40 ----SD---- D:\WINDOWS\Downloaded Program Files
2010-01-20 22:25:02 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-01-20 22:24:39 ----HD---- D:\WINDOWS\$hf_mig$
2010-01-20 22:08:48 ----D---- D:\WINDOWS\WinSxS
2010-01-20 22:07:49 ----D---- D:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-20 02:30:08 ----D---- D:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-20 02:30:01 ----D---- D:\WINDOWS\Minidump
2010-01-20 02:25:08 ----D---- D:\Program Files\Microsoft Office
2010-01-20 02:23:26 ----D---- D:\Program Files\Common Files\Bluebeam Software
2010-01-20 02:22:43 ----D---- D:\Program Files\Common Files\SolidWorks Shared
2010-01-20 02:18:18 ----D---- D:\WINDOWS\system32\ShellExt
2010-01-19 00:59:47 ----D---- D:\Documents and Settings\Petr\Data aplikací\Alibre Design
2010-01-18 17:35:20 ----D---- D:\Documents and Settings\Petr\Data aplikací\gtk-2.0
2010-01-15 01:10:47 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-01-14 11:57:16 ----D---- D:\UniScan
2010-01-11 20:43:15 ----D---- D:\Documents and Settings\Petr\Data aplikací\ColorImpact3
2010-01-09 21:12:17 ----D---- D:\WINDOWS\system32\NtmsData
2010-01-05 12:04:38 ----D---- D:\Documents and Settings\Petr\Data aplikací\Microsoft
2010-01-05 02:34:58 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-05 02:30:57 ----D---- D:\Program Files\Defraggler
2010-01-04 16:17:48 ----A---- D:\WINDOWS\system32\MRT.exe
2010-01-04 13:20:48 ----D---- D:\WINDOWS\system32\DirectX
2010-01-01 08:03:39 ----D---- D:\Documents and Settings\Petr\Data aplikací\skypePM
2009-12-27 02:03:15 ----D---- D:\Program Files\Google
2009-12-26 01:55:02 ----D---- D:\Documents and Settings\Petr\Data aplikací\avidemux

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; D:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2009-11-26 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2009-11-18 25160]
R1 InCDPass;InCDPass; D:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-25 31488]
R1 incdrm;InCD Reader; D:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-25 33792]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; D:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; D:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-09-07 21275]
R2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R2 Sentinel;Sentinel; D:\WINDOWS\System32\Drivers\SENTINEL.SYS [2002-12-17 76288]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 27776]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-01-16 1957376]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 CmBatt;Microsoft AC Adapter Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-03-26 4713472]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; D:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 moufiltr;Labtec Wireless Laser Mouse; D:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-05-07 13824]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; D:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 RTSTOR;USB Mass Stroage Device; D:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-09 27520]
R3 smserial;smserial; D:\WINDOWS\system32\DRIVERS\smserial.sys [2006-03-21 889472]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; D:\WINDOWS\System32\Drivers\StkCMini.sys [2007-06-06 1260672]
R3 tosporte;Bluetooth COM Port; D:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; D:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R4 InCDfs;InCD File System; D:\WINDOWS\system32\drivers\InCDFs.sys [2006-07-25 102912]
S3 41011;41011; \??\D:\WINDOWS\system32\41011.sys []
S3 a09n5m24;a09n5m24; D:\WINDOWS\system32\drivers\a09n5m24.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; D:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 catchme;catchme; \??\D:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; D:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EC168BDA;TVGo DVB-T02PRO; D:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-05-18 67968]
S3 ivusb;Initio Driver for USB Default Controller; D:\WINDOWS\system32\DRIVERS\ivusb.sys []
S3 MPE;Filtr MPE BDA; D:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; D:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; D:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-28 7168]
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynTP;Synaptics TouchPad Driver; D:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; D:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS; D:\WINDOWS\System32\Drivers\tosrfbd.sys [2007-04-24 113920]
S3 Tosrfbnp;Bluetooth RFBNEP; D:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; D:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; D:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; D:\WINDOWS\system32\drivers\TosRfSnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; D:\WINDOWS\System32\Drivers\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\D:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USB_RNDIS;USB Remote NDIS Network Device Driver; D:\WINDOWS\system32\DRIVERS\usb8023k.sys [2002-08-12 11136]
S3 usbser;USB Modem Driver; D:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; D:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-07 723632]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; D:\WINDOWS\System32\StkCSrv.exe [2007-04-19 24576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; D:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; D:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-05-27 102400]
R2 WDDMService;WD SmartWare Drive Manager; D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-05 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ACS;Atheros Configuration Service; D:\WINDOWS\system32\acs.exe [2009-11-12 278613]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-13 133104]
S2 InCDsrv;InCD Helper; D:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-07-25 849408]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; D:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-09-11 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-08-23 724992]
S3 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe []
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2007-01-16 438272]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-03 654848]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe [2002-12-17 7520337]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager; D:\Flexlm\lmgrd.exe []
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT; D:\Program Files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE [2002-12-17 311872]

-----------------EOF-----------------

Re: Infected laptop, freezes, boots slowly

Posted: 25 Jan 2010 18:48
by Rudy
The log looks clean. Try a System Restore to a date when the system was working correctly.

Re: Infected laptop, freezes, boots slowly

Posted: 25 Jan 2010 19:19
by zirael
OK... I'll try it and let you know... or I'll post another log if needed... and thanks!

Re: Infected laptop, freezes, boots slowly

Posted: 25 Jan 2010 19:33
by Rudy
Nothing to thank me for yet!

Re: Infected laptop, freezes, boots slowly

Posted: 25 Jan 2010 19:51
by zirael
well, I don't know....

ComboFix 09-11-11.02 - Petr 12.11.2009 14:04.1.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1483 [GMT 1:00]
Spuštěný z: I:\OpravTo.exe
AV: avast! antivirus 4.8.1351 [VPS 091111-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\documents and settings\Petr\Data aplikací\drivers\downld
d:\documents and settings\Petr\Data aplikací\drivers\downld\492390.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\516218.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\518750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\519375.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\522656.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523015.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523156.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523453.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523656.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\523718.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\528578.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\529546.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\529921.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\541421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\542250.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\542265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\559625.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\560781.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\561218.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\562015.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\562640.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\562843.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\563968.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\564328.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\564515.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\590953.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\592343.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\592953.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\614421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\617750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\618390.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\624640.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\625937.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\626250.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\660421.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\664296.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\664687.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\669109.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\670953.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\675875.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\693000.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\693093.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\693125.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\697156.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\697671.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\697750.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\706359.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\707265.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\729203.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\729968.exe
d:\documents and settings\Petr\Data aplikací\drivers\downld\730390.exe
d:\documents and settings\Petr\Data aplikací\drivers\winupgro.exe
d:\documents and settings\Petr\Data aplikací\m\shared
d:\documents and settings\Petr\Data aplikací\m\shared\Adobe icons collection.zip
d:\documents and settings\Petr\Data aplikací\m\shared\ArcSoft_Scrapbook_Creator_Memories_Edition_1.0.9.9_(Crack).zip
d:\documents and settings\Petr\Data aplikací\m\shared\Art_of_Titian_1.0_[With_Crack].zip
d:\documents and settings\Petr\Data aplikací\m\shared\Arty_Flash_Player_1.23.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Astral_II_2.0.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Atrise PHP Script Debugger 3.0.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\AWS Docket 3.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Brain Workshop 2.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\CD-Tag 2.26.zip
d:\documents and settings\Petr\Data aplikací\m\shared\CDEdit 1.1.46.zip
d:\documents and settings\Petr\Data aplikací\m\shared\DBtree 0.8.3 Beta.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Direct Access 1.6.6.zip
d:\documents and settings\Petr\Data aplikací\m\shared\DirSize 4.8.zip
d:\documents and settings\Petr\Data aplikací\m\shared\DJ Flanger 1438.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Dune and Desert Screen Saver 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Easter Eggs - Animated Wallpaper 5.07.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Eastsea_Outlook_Express_Backup_1.50.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Easy Email Encryption 6.17.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Easy_Banner_Creator_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Flash Screensaver Maker Simple Version 3.8.zip
d:\documents and settings\Petr\Data aplikací\m\shared\FlashCapture_1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\FlashPPT_4.0.czip
d:\documents and settings\Petr\Data aplikací\m\shared\Folder-Snap 1.4.1.105.zip
d:\documents and settings\Petr\Data aplikací\m\shared\FtpVC_2.4_(KeyGen).zip
d:\documents and settings\Petr\Data aplikací\m\shared\generateAfeed_dB_-_PHP_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Get_My_Files_Back_5.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\How_To_Survive_A_Power_Outage_While_Writing_1.0_(Key).zip
d:\documents and settings\Petr\Data aplikací\m\shared\CHEAPSKATE 1.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Image2Html 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Jalmus 1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Javascript Obfuscator 3.0.5.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Javascript_Outline_Builder_1.0_Serial.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Job Search Tracker 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\LingvoSoft Suite Deluxe 2007 English - Portuguese 2.0.24.zip
d:\documents and settings\Petr\Data aplikací\m\shared\LingvoSoft_Picture_Dictionary_2007_English_-_Polish_1.1.17_(Cracked).zip
d:\documents and settings\Petr\Data aplikací\m\shared\LingvoSoft_Picture_Dictionary_2007_Spanish_-_Arabic_1.1.19.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Lotto PowerPlayer Pro 2009 6.7.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MAP-Blend 1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Mars 3D ScreenSaver 1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Max Payne - Matrix II map.zip
d:\documents and settings\Petr\Data aplikací\m\shared\McAfee.Alert.Manager.v4.7.1-ROR.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MedInfoE_4.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MIDIFADE_1.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\mjSQLDataScripter_1.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\MySQL Data Access Components 5.00.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Native_American_Art_6.1_(KeyGen).zip
d:\documents and settings\Petr\Data aplikací\m\shared\Networker IM 3.6.zip
d:\documents and settings\Petr\Data aplikací\m\shared\NOD32.Antivirus.System.v2.51.8.Administrator.Edition.Win2K.NT.XP.2K3.Retail.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Okoker_Free_DVD_Burner_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\oogalleryimport 0.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\PanelBar Studio 4.0.92.zip
d:\documents and settings\Petr\Data aplikací\m\shared\PDF_to_Text_Converter_2.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\PowerFolder 3.0.2.zip
d:\documents and settings\Petr\Data aplikací\m\shared\SATextureLab 1.5.zip
d:\documents and settings\Petr\Data aplikací\m\shared\SaxLab 1.4.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Smart Color Pick'n'Capture 1.00.zip
d:\documents and settings\Petr\Data aplikací\m\shared\SmileCamFX_1.0_(Serial).zip
d:\documents and settings\Petr\Data aplikací\m\shared\SpiceCharts 3D Pie Chart 1.6.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Spot_Shop_Software_DESengine_Server_1.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\StayInformed 1.3.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Tinynice_MP3Recorder_1.00.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Tipard DVD to iPhone Converter 3.2.38.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Token2 Plus 4.6 build 1421.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Universal_Internet_Dialer_2.3.zip
d:\documents and settings\Petr\Data aplikací\m\shared\VBScript2Exe_1.4.zip
d:\documents and settings\Petr\Data aplikací\m\shared\VisiPPT_1.0.zip
d:\documents and settings\Petr\Data aplikací\m\shared\VitaMem Pro 2.2.0.1.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Wallpaper_Photo_Show_1.1_(With_Crack).zip
d:\documents and settings\Petr\Data aplikací\m\shared\WinCalendar 2.57.zip
d:\documents and settings\Petr\Data aplikací\m\shared\Wine_Chronicle_1.1.zip
d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
d:\windows\a3kebook.ini
d:\windows\akebook.ini
d:\windows\ANS2000.INI
d:\windows\system32\ban_list.txt
d:\windows\system32\ieuinit.inf
d:\windows\system32\mdelk.exe
d:\windows\system32\srosa2.sys
d:\windows\system32\wfsintwq.sys
d:\windows\system32\Winacprd0.dll
d:\windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S


((((((((((((((((((((((((( Soubory vytvořené od 2009-10-12 do 2009-11-12 )))))))))))))))))))))))))))))))
.

2009-11-12 12:49 . 2009-11-12 12:53 -------- d-----w- D:\OpravTo
2009-11-12 12:42 . 2009-11-12 12:42 -------- d-----w- D:\FixMePlease
2009-11-12 09:45 . 2009-11-12 09:45 53136 ----a-w- d:\windows\system32\PxSecure.dll
2009-11-12 09:45 . 2009-11-12 09:45 46768 ----a-w- d:\windows\system32\drivers\pxrts.sys
2009-11-12 09:45 . 2009-11-12 09:45 30280 ----a-w- d:\windows\system32\drivers\pxscan.sys
2009-11-12 09:45 . 2009-11-12 09:45 24368 ----a-w- d:\windows\system32\drivers\pxkbf.sys
2009-11-12 09:44 . 2009-11-12 09:45 -------- d-----w- d:\program files\Prevx
2009-11-12 09:35 . 2009-11-12 09:35 -------- d-----w- d:\program files\Naevius USB Antivirus
2009-11-12 02:16 . 2001-10-24 11:24 66048 -c--a-w- d:\windows\system32\dllcache\s3legacy.dll
2009-11-12 02:16 . 2009-08-04 20:59 2191360 ----a-w- d:\windows\system32\dllcache\ntoskrnl.exe
2009-11-12 02:16 . 2003-04-14 18:48 212992 ----a-w- d:\windows\system32\dllcache\fpmmcsat.dll
2009-11-11 00:10 . 2009-11-11 00:10 -------- d-----w- d:\program files\Common Files\McNeel Shared
2009-11-11 00:09 . 2009-11-11 00:10 -------- d-----w- d:\program files\Rhinoceros 4.0
2009-11-10 22:58 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Explorer
2009-11-10 22:58 . 2009-11-10 22:58 -------- d-----w- d:\program files\SolidWorks Viewer
2009-11-10 22:56 . 2009-11-10 23:03 -------- d-----w- d:\program files\PDMWorks2005
2009-11-10 22:54 . 2009-11-11 00:03 -------- d-----w- d:\program files\Common Files\eDrawings2005
2009-11-10 22:52 . 2004-05-10 13:19 639052 ----a-w- d:\windows\system32\BBPDFPortMon.dll
2009-11-10 22:50 . 2009-11-10 22:56 -------- d-----w- d:\program files\Common Files\SolidWorks Shared
2009-11-10 22:50 . 2009-11-10 22:50 -------- d-----w- d:\program files\Common Files\Bluebeam Software
2009-11-10 22:48 . 2009-11-10 22:50 -------- d-----w- d:\program files\Bluebeam Software
2009-11-10 22:48 . 2009-11-10 23:01 -------- d-----w- d:\program files\SolidWorks
2009-11-10 22:48 . 2009-11-10 22:48 -------- d-----w- d:\program files\Common Files\Solidworks Data
2009-11-10 22:22 . 2009-11-12 13:15 -------- d-----w- D:\Flexlm
2009-11-09 15:50 . 2009-02-24 17:42 116736 ----a-w- d:\windows\system32\drivers\mcdbus.sys
2009-11-09 15:50 . 2009-11-09 15:50 -------- d-----w- d:\program files\MagicDisc
2009-11-08 19:32 . 2003-11-13 11:13 118784 ----a-w- d:\windows\system32\XMUpload.dll
2009-11-08 19:32 . 2003-10-17 13:03 876544 ----a-w- d:\windows\system32\XaraDocG.dll
2009-11-08 19:32 . 2003-10-17 13:03 126976 ----a-w- d:\windows\system32\TemplMan.dll
2009-11-08 19:32 . 2003-10-14 14:49 253952 ----a-w- d:\windows\system32\TemplOp.dll
2009-11-08 19:32 . 2003-10-06 13:45 23552 ----a-w- d:\windows\system32\XFontMan.dll
2009-11-08 19:32 . 2003-10-01 13:49 131072 ----a-w- d:\windows\system32\BmpImporter.dll
2009-11-08 19:32 . 2003-05-19 15:18 86016 ----a-w- d:\windows\system32\BinCoder.dll
2009-11-08 14:31 . 2009-11-08 14:31 -------- d-----w- d:\windows\SolidWorks
2009-11-07 18:10 . 2009-11-07 18:31 -------- d-----w- d:\program files\iTV
2009-10-30 23:58 . 2009-11-05 10:32 -------- d-----w- D:\totalcmd
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\UC.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\RAR.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\PKZIP.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\PKUNZIP.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\NOCLOSE.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\LHA.PIF
2009-10-30 23:58 . 2009-09-24 06:50 545 ----a-w- d:\windows\ARJ.PIF
2009-10-29 20:03 . 2009-10-29 20:03 -------- d-----w- d:\program files\Smart Projects
2009-10-29 10:05 . 2003-03-19 11:44 45056 ----a-w- d:\windows\system32\MFC71CHT.DLL
2009-10-29 10:02 . 2008-04-13 19:46 15232 -c--a-w- d:\windows\system32\dllcache\mpe.sys
2009-10-29 10:02 . 2008-04-13 19:46 15232 ----a-w- d:\windows\system32\drivers\MPE.sys
2009-10-29 10:01 . 2007-02-26 10:40 7107 ----a-w- d:\windows\system32\drivers\EC168BDA.bin
2009-10-29 10:01 . 2006-12-12 16:56 104 ----a-w- d:\windows\system32\drivers\EC168Hid.dat
2009-10-29 10:01 . 2006-07-31 03:56 4096 ----a-w- d:\windows\system32\HUCoInstaller.dll
2009-10-29 10:01 . 2007-05-18 12:18 67968 ----a-w- d:\windows\system32\drivers\EC168BDA.sys
2009-10-29 10:01 . 2004-07-09 03:26 354816 -c--a-w- d:\windows\system32\dllcache\psisdecd.dll
2009-10-29 10:01 . 2004-07-09 03:26 354816 ----a-w- d:\windows\system32\PsisDecd.dll
2009-10-29 10:01 . 2004-07-09 03:26 11392 -c--a-w- d:\windows\system32\dllcache\bdasup.sys
2009-10-29 10:01 . 2004-07-09 03:26 11392 ----a-w- d:\windows\system32\drivers\BdaSup.sys
2009-10-28 23:23 . 2009-10-28 23:26 -------- d-----w- d:\windows\system32\NtmsData
2009-10-28 22:47 . 2009-10-28 22:47 -------- d-----w- d:\program files\Western Digital Technologies
2009-10-28 22:46 . 2009-10-28 22:46 -------- d-----w- d:\program files\Western Digital Corporation
2009-10-28 22:35 . 2009-10-28 22:36 -------- d-----w- D:\b90451c29ad1fe142890
2009-10-28 21:07 . 2009-02-13 11:02 11520 ----a-w- d:\windows\system32\drivers\wdcsam.sys
2009-10-28 21:07 . 2009-10-28 22:00 -------- d-----w- d:\program files\Western Digital
2009-10-27 00:49 . 2009-10-27 00:49 -------- d-----w- d:\program files\Core Services
2009-10-23 19:30 . 2009-10-23 20:23 -------- d-----w- d:\program files\Opti Drive Control
2009-10-23 19:12 . 2009-10-23 19:14 -------- d-----w- d:\program files\Philips Intelligent Agent
2009-10-20 11:27 . 2009-10-20 11:27 -------- d-----w- d:\windows\system32\Adobe
2009-10-20 11:25 . 2009-10-20 11:25 -------- d-----w- d:\documents and settings\Petr\.HenselEnyGuide
2009-10-13 23:37 . 2009-10-13 23:37 -------- d-----w- d:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-12 13:17 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-11-12 01:47 . 2006-03-02 12:00 98024 ----a-w- d:\windows\system32\perfc005.dat
2009-11-12 01:47 . 2006-03-02 12:00 466418 ----a-w- d:\windows\system32\perfh005.dat
2009-11-03 22:52 . 2009-09-11 21:47 -------- d-----w- d:\program files\Java
2009-11-01 22:23 . 2009-10-03 09:07 -------- d-----w- d:\program files\Common Files\Adobe
2009-10-29 10:05 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-10-26 00:18 . 2009-09-11 20:52 -------- d-----w- d:\program files\AutoCAD 2009
2009-10-24 09:52 . 2009-09-12 22:28 108024 ---ha-w- d:\windows\system32\mlfcache.dat
2009-10-22 18:50 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-10-15 15:36 . 2009-09-11 22:47 -------- d-----w- d:\program files\Foxit Software
2009-10-12 22:33 . 2009-10-12 22:33 -------- d-----w- d:\program files\FLV Player
2009-10-11 19:04 . 2009-10-11 19:03 -------- d-----w- d:\program files\DWG TrueView 2010
2009-10-11 19:04 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2009-10-11 03:17 . 2009-09-11 21:48 411368 ----a-w- d:\windows\system32\deploytk.dll
2009-10-07 19:48 . 2009-10-07 19:48 -------- d-----w- d:\program files\Common Files\ABBYY
2009-10-03 09:20 . 2009-10-03 09:20 -------- d-----w- d:\program files\QuickTime
2009-10-03 09:18 . 2009-10-03 09:18 -------- d-----w- d:\program files\Bonjour
2009-10-03 09:10 . 2009-10-03 09:10 -------- d-----w- d:\program files\Common Files\Macrovision Shared
2009-10-01 22:03 . 2009-10-01 22:03 -------- d-----w- d:\program files\Common Files\Windows Live
2009-09-28 19:57 . 2009-10-10 00:15 7168 ----a-w- d:\windows\system32\drivers\StarOpen.sys
2009-09-27 05:38 . 2009-09-27 05:38 -------- d-----w- d:\program files\ESTsoft
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
2009-09-26 20:48 . 2009-09-26 20:48 -------- d-----w- d:\program files\LizardTech
2009-09-26 20:41 . 2009-09-26 20:41 160323 ----a-w- d:\windows\Sqirlz Morph Uninstaller.exe
2009-09-26 18:15 . 2009-09-26 18:15 -------- d-----w- d:\program files\MSXML 4.0
2009-09-26 00:00 . 2009-09-25 23:59 -------- d-----w- d:\program files\Common Files\Xara
2009-09-25 19:02 . 2009-09-11 21:33 -------- d-----w- d:\program files\Mozilla Sunbird
2009-09-25 05:37 . 2006-03-02 12:00 1510400 ----a-w- d:\windows\system32\shdocvw(2).dll
2009-09-24 10:55 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-09-23 20:57 . 2009-09-23 20:57 45 ---h--w- d:\windows\dsez8403.dat
2009-09-23 16:32 . 2009-09-23 16:32 -------- d-----w- d:\program files\CAM Development
2009-09-23 09:26 . 2009-09-23 09:26 -------- d-----w- d:\program files\Toshiba
2009-09-22 22:26 . 2009-09-22 22:26 721904 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-09-20 22:04 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-09-20 21:43 . 2009-09-20 21:43 23600 ----a-w- d:\windows\system32\drivers\TVICHW32.SYS
2009-09-19 16:13 . 2009-09-19 16:13 -------- d-----w- d:\program files\Windows Media Connect 2
2009-09-18 21:15 . 2009-09-18 21:15 -------- d-----w- d:\program files\eXaNetworks Setup Files
2009-09-18 14:30 . 2009-09-12 17:22 -------- d-----w- d:\program files\PROFIT
2009-09-18 11:05 . 2009-09-07 21:04 179792 ----a-w- d:\windows\system32\guard32.dll
2009-09-16 23:50 . 2009-09-16 23:17 -------- d-----w- d:\program files\Common Files\Nokia
2009-09-16 23:19 . 2009-09-16 23:19 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-09-16 23:19 . 2009-09-16 23:19 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-09-16 23:17 . 2009-09-16 23:17 -------- d-----w- d:\program files\Common Files\PCSuite
2009-09-16 23:16 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-09-16 23:16 . 2009-09-16 23:16 -------- d-----w- d:\program files\PC Connectivity Solution
2009-09-16 20:04 . 2009-09-16 20:04 -------- d-----w- d:\program files\SunnyDesign
2009-09-16 20:02 . 2009-09-16 20:02 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-09-12 22:09 . 2009-09-12 22:07 19496 ----a-w- d:\windows\hpqins13.dat
2009-09-11 22:44 . 2009-09-11 22:44 45056 ----a-w- d:\windows\NCUNINST.EXE
2009-09-11 20:21 . 2009-09-11 20:18 674 ----a-w- d:\windows\PowerReg.dat
2009-09-11 14:19 . 2006-03-02 12:00 136192 ----a-w- d:\windows\system32\msv1_0.dll
2009-09-11 14:18 . 2009-09-11 14:18 56 ---ha-w- d:\windows\system32\ezsidmv.dat
2009-09-07 20:45 . 2009-09-07 20:45 0 ----a-w- d:\windows\nsreg.dat
2009-09-07 20:33 . 2009-09-07 20:33 21275 ----a-w- d:\windows\system32\drivers\AegisP.sys
2009-09-07 20:23 . 2009-09-07 20:23 315392 ----a-w- d:\windows\HideWin.exe
2009-09-07 20:18 . 2009-09-07 19:27 76487 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-09-07 20:18 . 2009-09-07 19:27 2684 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-07 20:15 . 2009-09-07 19:27 8972 ----a-w- d:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-09-07 19:25 . 2009-09-07 19:25 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2009-09-04 21:05 . 2006-03-02 12:00 58880 ----a-w- d:\windows\system32\msasn1.dll
2009-08-26 08:02 . 2006-03-02 12:00 247326 ----a-w- d:\windows\system32\strmdll.dll
2009-08-17 21:33 . 2009-08-17 21:33 1193832 ----a-w- d:\windows\system32\FM20.DLL
2009-08-17 16:10 . 2009-09-11 19:15 1279456 ----a-w- d:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2009-09-11 19:15 93392 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-08-17 16:02 . 2009-09-11 19:15 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-08-14 15:15 . 2006-03-02 12:00 1850624 ----a-w- d:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="d:\program files\Skype\\Phone\Skype.exe" [2009-10-09 25623336]
"Philips Intelligent Agent"="d:\program files\Philips Intelligent Agent\Philips Intelligent Agent.exe" [2008-02-21 613792]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]
"flec003.exe"="d:\documents and settings\Petr\Data aplikací\hidires\flec003.exe" [2009-11-12 2557956]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-12 81000]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"COMODO Internet Security"="c:\program files\Comodo\COMODO Internet Security\cfp.exe" [2009-11-12 1799952]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"RTHDCPL"="RTHDCPL.EXE" - d:\windows\RTHDCPL.exe [2008-03-26 16859136]
"BluetoothAuthenticationAgent"="bthprops.cpl" - d:\windows\system32\bthprops.cpl [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Mozilla Thunderbird.lnk - d:\program files\Mozilla Thunderbird\thunderbird.exe [2009-9-7 8318056]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"d:\\Program Files\\Philips Intelligent Agent\\Philips Intelligent Agent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\m\\flec006.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\hidires\\flec003.exe"=

R0 pxscan;pxscan;d:\windows\system32\drivers\pxscan.sys [12.11.2009 10:45 30280]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 pxrts;pxrts;d:\windows\system32\drivers\pxrts.sys [12.11.2009 10:45 46768]
R2 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe [10.11.2009 23:22 630272]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [14.10.2009 14:31 98304]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 9:58 20480]
R3 pxkbf;pxkbf;d:\windows\system32\drivers\pxkbf.sys [12.11.2009 10:45 24368]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S1 aswSP;avast! Self Protection; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\DRIVERS\cmdguard.sys --> d:\windows\system32\DRIVERS\cmdguard.sys [?]
S1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\DRIVERS\cmdhlp.sys --> d:\windows\system32\DRIVERS\cmdhlp.sys [?]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\DRIVERS\aswFsBlk.sys --> d:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S2 CSIScanner;CSIScanner;d:\program files\Prevx\prevx.exe [12.11.2009 10:45 6210488]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S3 UDGY;UDGY;d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe --> d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe [?]
S3 WXXLRUX;WXXLRUX;d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe --> d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - MBR
*Deregistered* - mbr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {589F60BC-2712-FB88-7CF0-BE9E09DDD892} /qb
.
Obsah adresáře 'Naplánované úlohy'

2009-11-12 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]

2009-11-12 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]

2009-11-11 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-10-01 18:28]

2009-11-12 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]

2009-11-12 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.atlas.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firetray@radicalsoft.com\components\firetray.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-StartCCC - d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
HKLM-Run-usbantivirus - d:\program files\Naevius USB Antivirus\usbantivirus.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-12 14:16
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spjh.sys >>UNKNOWN [0x8DFCE938]<<
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

atapi.sys @ 0x0 0x0 bytes

\Driver\atapi [ IRP_MJ_CREATE ] 0xA6F2 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_CLOSE ] 0xA6F2 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_DEVICE_CONTROL ] 0xA712 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_INTERNAL_DEVICE_CONTROL ] 0x6852 != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_POWER ] 0xA73C != 0xBA621B40 atapi.sys
\Driver\atapi [ IRP_MJ_SYSTEM_CONTROL ] 0x11336 != 0xBA621B40 atapi.sys
\Driver\atapi IRP hooks detected !

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(792)
d:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3528)
d:\windows\system32\msi.dll
d:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\windows\system32\wscntfy.exe
d:\windows\system32\rundll32.exe
d:\program files\Skype\Phone\Skype.exe
d:\windows\ATK0100\ATKOSD.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
d:\totalcmd\TotalCmd.exe
d:\program files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
994

Re: Infected notebook, freezes, boots slowly

Posted: 25 Jan 2010 20:15
by Rudy
We'll finish cleaning up. Move ComboFix to the desktop. Open Notepad and copy the following into it:
Collect::
d:\documents and settings\Petr\Data aplikací\hidires\flec003.exe
d:\docume~1\Petr\LOCALS~1\Temp\UDGY.exe
d:\docume~1\Petr\LOCALS~1\Temp\WXXLRUX.exe

Driver::
UDGY
WXXLRUX

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"flec003.exe"=-
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: Infected notebook, freezes, boots slowly

Posted: 25 Jan 2010 21:01
by zirael
I did a restore going back a month and then ran it through Combo. This is the latest log. Now I'll run it again as advised. Thanks so far :)

ComboFix 10-01-19.03 - Petr 25.01.2010 20:34:47.14.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1302 [GMT 1:00]
Spuštěný z: c:\anti-rooty\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100125-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-25 do 2010-01-25 )))))))))))))))))))))))))))))))
.

2010-01-25 17:12 . 2010-01-25 17:12 8576 ----a-w- d:\windows\system32\drivers\yporaormwtcq.sys
2010-01-22 22:51 . 2010-01-22 22:51 -------- d-----w- d:\program files\Common Files\ParallelGraphics
2010-01-22 22:46 . 2010-01-22 22:46 -------- d-----w- d:\program files\PlotSoft
2010-01-22 22:44 . 2010-01-24 03:42 -------- d-----w- d:\program files\HTTP Debugger Pro
2010-01-22 10:24 . 2010-01-22 10:24 54624 ----a-w- d:\windows\system32\41011.sys
2010-01-21 08:18 . 2007-01-18 12:00 3968 ----a-w- d:\windows\system32\drivers\AvgArCln.sys
2010-01-20 22:22 . 2010-01-21 01:24 -------- d-----w- d:\program files\Microsoft WSE
2010-01-20 21:55 . 2002-12-17 15:23 33340 ------w- d:\windows\system32\dbmsqlgc.dll
2010-01-20 21:55 . 2002-10-20 13:05 24576 ------w- d:\windows\system32\dbmsgnet.dll
2010-01-20 21:53 . 2010-01-20 21:53 -------- d-----w- d:\program files\Microsoft SQL Server
2010-01-20 21:08 . 2010-01-20 21:08 -------- d-----w- d:\program files\MSXML 4.0
2010-01-20 20:38 . 2010-01-20 20:38 -------- d-----w- d:\program files\Nero
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-20 20:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 17:11 . 2010-01-25 17:11 8576 ----a-w- d:\windows\system32\drivers\yxfkfarcdpjo.sys
2010-01-25 16:35 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-25 08:42 . 2010-01-24 01:53 -------- d-----w- d:\program files\trend micro
2010-01-24 20:15 . 2006-03-02 12:00 484248 ----a-w- d:\windows\system32\perfh005.dat
2010-01-24 20:15 . 2006-03-02 12:00 105776 ----a-w- d:\windows\system32\perfc005.dat
2010-01-24 13:05 . 2010-01-24 13:05 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-01-24 03:04 . 2010-01-24 02:20 6176 --sha-w- d:\windows\system32\drivers\fidbox2.dat
2010-01-24 03:02 . 2010-01-24 02:20 92192 --sha-w- d:\windows\system32\drivers\fidbox.dat
2010-01-24 02:46 . 2010-01-24 02:20 2624 --sha-w- d:\windows\system32\drivers\fidbox.idx
2010-01-24 02:46 . 2010-01-24 02:20 2312 --sha-w- d:\windows\system32\drivers\fidbox2.idx
2010-01-21 21:44 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2010-01-21 21:33 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2010-01-07 15:07 . 2010-01-24 13:05 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2010-01-24 13:05 19160 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- d:\windows\AppPatch\aclayers.dll
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-10-29 05:26 . 2006-03-02 12:00 668160 ------w- d:\windows\system32\wininet.dll
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.

((((((((((((((((((((((((((((( SnapShot_2010-01-21_07.35.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_810.dat
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_778.dat
+ 2009-09-15 18:15 . 2010-01-25 19:04 30276 d:\windows\system32\Restore\rstrlog.dat
+ 2006-03-02 12:00 . 2010-01-24 20:15 92784 d:\windows\system32\perfc009.dat
+ 2010-01-22 22:47 . 2010-01-22 22:47 10134 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\SystemFolder_msiexec.exe
+ 2010-01-22 22:52 . 2010-01-22 22:52 86358 d:\windows\Installer\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}\controlPanelIcon.exe
+ 2007-01-31 13:33 . 2007-01-31 13:33 5632 d:\windows\system32\drivers\avgarkt.sys
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\PDFill_PDF_Tools.exe
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\controlPanelIcon.exe
+ 2006-03-02 12:00 . 2010-01-24 20:15 493532 d:\windows\system32\perfh009.dat
+ 2002-01-05 05:37 . 2002-01-05 05:37 344064 d:\windows\system32\msvcr70.dll
+ 2002-01-05 05:36 . 2002-01-05 05:36 964608 d:\windows\system32\mfc70u.dll
+ 2009-09-07 21:17 . 2010-01-21 22:16 517744 d:\windows\system32\FNTCACHE.DAT
+ 2005-09-08 16:16 . 2005-09-08 16:16 294912 d:\windows\system32\DynamicTwainCtrl.dll
+ 2010-01-22 22:52 . 2010-01-22 22:52 642048 d:\windows\Installer\16a4731.msi
+ 2010-01-22 22:47 . 2010-01-22 22:47 217088 d:\windows\Installer\16a472d.msi
+ 2008-07-10 15:54 . 2008-07-10 15:54 409168 d:\windows\Downloaded Program Files\MSDcode.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="d:\program files\Nero\Nero 7\InCD\InCD.exe" [2006-07-25 1043968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3 (0x3)
"SQLAgent$INVENTORCONTENT"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 41011;41011;d:\windows\system32\41011.sys [22.1.2010 11:24 54624]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]

2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = ;*.local;<local>
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: d:\program files\HTTP Debugger Pro\mfnsp32.dll
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npCortona.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 20:46
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(912)
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll
.
Celkový čas: 2010-01-25 20:53:21
ComboFix-quarantined-files.txt 2010-01-25 19:53
ComboFix2.txt 2010-01-25 18:36
ComboFix3.txt 2010-01-24 22:04
ComboFix4.txt 2010-01-24 11:57
ComboFix5.txt 2010-01-25 19:33

Před spuštěním: Volných bajtů: 48 610 947 072
Po spuštění: Volných bajtů: 48 550 477 824

Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
- - End Of File - - CFE4CA6BB3FDFC44A5B4CAADDFDDEC91

Re: Infected notebook, freezes, boots slowly

Posted: 25 Jan 2010 21:06
by Rudy
Run CF once more with this script:
Collect::
d:\windows\system32\41011.sys
d:\windows\system32\drivers\yxfkfarcdpjo.sys

Driver::
yxfkfarcdpjo
41011

Re: Infected notebook, freezes, boots slowly

Posted: 25 Jan 2010 21:28
by zirael
So this is the report after the first fix... now I'm moving on to the second:

ComboFix 10-01-19.03 - Petr 25.01.2010 21:07:59.15.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1919.1217 [GMT 1:00]
Spuštěný z: c:\anti-rooty\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\Petr\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100125-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-25 do 2010-01-25 )))))))))))))))))))))))))))))))
.

2010-01-25 17:12 . 2010-01-25 17:12 8576 ----a-w- d:\windows\system32\drivers\yporaormwtcq.sys
2010-01-22 22:51 . 2010-01-22 22:51 -------- d-----w- d:\program files\Common Files\ParallelGraphics
2010-01-22 22:46 . 2010-01-22 22:46 -------- d-----w- d:\program files\PlotSoft
2010-01-22 22:44 . 2010-01-24 03:42 -------- d-----w- d:\program files\HTTP Debugger Pro
2010-01-22 10:24 . 2010-01-22 10:24 54624 ----a-w- d:\windows\system32\41011.sys
2010-01-21 08:18 . 2007-01-18 12:00 3968 ----a-w- d:\windows\system32\drivers\AvgArCln.sys
2010-01-20 22:22 . 2010-01-21 01:24 -------- d-----w- d:\program files\Microsoft WSE
2010-01-20 21:55 . 2002-12-17 15:23 33340 ------w- d:\windows\system32\dbmsqlgc.dll
2010-01-20 21:55 . 2002-10-20 13:05 24576 ------w- d:\windows\system32\dbmsgnet.dll
2010-01-20 21:53 . 2010-01-20 21:53 -------- d-----w- d:\program files\Microsoft SQL Server
2010-01-20 21:08 . 2010-01-20 21:08 -------- d-----w- d:\program files\MSXML 4.0
2010-01-20 20:38 . 2010-01-20 20:38 -------- d-----w- d:\program files\Nero
2010-01-11 20:27 . 2002-08-23 12:37 880694 ----a-w- d:\windows\system32\xaradocg.dll
2010-01-11 20:27 . 2002-06-28 08:24 23552 ----a-w- d:\windows\system32\xfontman.dll
2010-01-11 20:27 . 2002-06-28 08:24 139264 ----a-w- d:\windows\system32\BMPImporter.dll
2010-01-11 20:27 . 2002-08-22 15:56 126976 ----a-w- d:\windows\system32\templman.dll
2010-01-11 20:27 . 2002-06-28 08:24 253952 ----a-w- d:\windows\system32\templop.dll
2010-01-04 12:25 . 2010-01-20 20:40 -------- d-----w- d:\program files\Common Files\Ahead
2010-01-03 14:38 . 2010-01-03 14:39 -------- d-----w- d:\program files\Musicnotes
2010-01-03 01:26 . 2010-01-03 01:40 -------- d-----w- d:\program files\Advanced PDF to IMAGE converter
2009-12-28 21:27 . 2009-12-28 21:27 -------- d-----w- d:\program files\Software602

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 17:11 . 2010-01-25 17:11 8576 ----a-w- d:\windows\system32\drivers\yxfkfarcdpjo.sys
2010-01-25 16:35 . 2009-09-07 20:43 -------- d-----w- d:\program files\Mozilla Thunderbird
2010-01-25 08:42 . 2010-01-24 01:53 -------- d-----w- d:\program files\trend micro
2010-01-24 20:15 . 2006-03-02 12:00 484248 ----a-w- d:\windows\system32\perfh005.dat
2010-01-24 20:15 . 2006-03-02 12:00 105776 ----a-w- d:\windows\system32\perfc005.dat
2010-01-24 13:05 . 2010-01-24 13:05 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-01-24 03:04 . 2010-01-24 02:20 6176 --sha-w- d:\windows\system32\drivers\fidbox2.dat
2010-01-24 03:02 . 2010-01-24 02:20 92192 --sha-w- d:\windows\system32\drivers\fidbox.dat
2010-01-24 02:46 . 2010-01-24 02:20 2624 --sha-w- d:\windows\system32\drivers\fidbox.idx
2010-01-24 02:46 . 2010-01-24 02:20 2312 --sha-w- d:\windows\system32\drivers\fidbox2.idx
2010-01-21 21:44 . 2009-09-13 08:04 -------- d-----w- d:\program files\Autodesk
2010-01-21 21:33 . 2009-09-11 20:11 -------- d-----w- d:\program files\Common Files\Autodesk Shared
2010-01-07 15:07 . 2010-01-24 13:05 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2010-01-24 13:05 19160 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-01-05 01:30 . 2009-09-11 21:52 -------- d-----w- d:\program files\Defraggler
2009-12-28 02:02 . 2009-09-18 14:17 0 ----a-w- d:\documents and settings\Petr\DATA.DAT
2009-12-27 01:03 . 2009-09-12 22:17 -------- d-----w- d:\program files\Google
2009-12-18 21:25 . 2009-10-28 21:07 -------- d-----w- d:\program files\Western Digital
2009-12-18 09:34 . 2009-12-18 09:34 -------- d-----w- d:\program files\Guitar Pro 5
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-12-16 02:16 . 2009-12-16 02:16 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\PCSuite
2009-12-16 02:10 . 2009-12-16 02:10 -------- d-----w- d:\program files\Common Files\Nokia
2009-12-16 02:10 . 2009-12-16 02:04 -------- d-----w- d:\program files\Nokia
2009-12-16 02:07 . 2009-12-16 02:06 -------- d-----w- d:\program files\PC Connectivity Solution
2009-12-10 12:03 . 2009-09-16 23:16 -------- d-----w- d:\program files\DIFX
2009-12-10 12:03 . 2009-12-10 12:02 -------- d-----w- d:\program files\Software laserové myši Labtec
2009-12-10 12:02 . 2009-09-07 19:40 -------- d--h--w- d:\program files\InstallShield Installation Information
2009-12-10 12:01 . 2009-12-10 12:01 -------- d-----w- d:\program files\Labtec
2009-12-05 22:47 . 2009-12-05 22:47 -------- d-----w- d:\program files\VisualLightBox
2009-12-05 22:41 . 2009-12-05 22:41 -------- d-----w- d:\program files\Microsoft
2009-12-03 18:55 . 2009-12-03 18:55 -------- d-----w- d:\program files\Any DWF to DWG Converter
2009-11-29 08:57 . 2009-11-29 08:56 -------- d-----w- d:\program files\SunnyDesign
2009-11-29 08:55 . 2009-11-29 08:55 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2009-11-26 09:00 . 2009-11-12 14:06 171552 ----a-w- d:\windows\system32\guard32.dll
2009-11-26 09:00 . 2009-11-12 13:33 133064 ----a-w- d:\windows\system32\drivers\cmdguard.sys
2009-11-24 23:54 . 2009-11-23 01:40 1280480 ----a-w- d:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-11-23 01:41 93424 ----a-w- d:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2009-11-23 01:41 48560 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-11-23 01:41 23120 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-11-23 01:41 27408 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-11-23 01:41 97480 ----a-w- d:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- d:\windows\AppPatch\aclayers.dll
2009-11-18 09:00 . 2009-11-12 13:33 87104 ----a-w- d:\windows\system32\drivers\inspect.sys
2009-11-18 09:00 . 2009-11-12 13:33 25160 ----a-w- d:\windows\system32\drivers\cmdhlp.sys
2009-11-12 18:04 . 2009-11-12 13:37 339872 ----a-w- d:\windows\system32\drivers\sfi.dat
2009-11-12 12:10 . 2009-09-07 20:33 278613 ----a-w- d:\windows\system32\acs.exe
2009-10-29 05:26 . 2006-03-02 12:00 668160 ------w- d:\windows\system32\wininet.dll
2009-09-26 21:38 . 2009-09-26 21:38 0 ----a-w- d:\program files\Common Files\dht342126
.

((((((((((((((((((((((((((((( SnapShot_2010-01-21_07.35.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_810.dat
+ 2010-01-25 19:32 . 2010-01-25 19:32 16384 d:\windows\Temp\Perflib_Perfdata_778.dat
+ 2009-09-15 18:15 . 2010-01-25 19:04 30276 d:\windows\system32\Restore\rstrlog.dat
+ 2006-03-02 12:00 . 2010-01-24 20:15 92784 d:\windows\system32\perfc009.dat
+ 2010-01-22 22:47 . 2010-01-22 22:47 10134 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\SystemFolder_msiexec.exe
+ 2010-01-22 22:52 . 2010-01-22 22:52 86358 d:\windows\Installer\{C06CE867-0019-4BDD-88C3-CD96F79FCDC7}\controlPanelIcon.exe
+ 2007-01-31 13:33 . 2007-01-31 13:33 5632 d:\windows\system32\drivers\avgarkt.sys
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\PDFill_PDF_Tools.exe
+ 2010-01-22 22:47 . 2010-01-22 22:47 7406 d:\windows\Installer\{D1399216-81B2-457C-A0F7-73B9A2EF6902}\controlPanelIcon.exe
+ 2006-03-02 12:00 . 2010-01-24 20:15 493532 d:\windows\system32\perfh009.dat
+ 2002-01-05 05:37 . 2002-01-05 05:37 344064 d:\windows\system32\msvcr70.dll
+ 2002-01-05 05:36 . 2002-01-05 05:36 964608 d:\windows\system32\mfc70u.dll
+ 2009-09-07 21:17 . 2010-01-21 22:16 517744 d:\windows\system32\FNTCACHE.DAT
+ 2005-09-08 16:16 . 2005-09-08 16:16 294912 d:\windows\system32\DynamicTwainCtrl.dll
+ 2010-01-22 22:52 . 2010-01-22 22:52 642048 d:\windows\Installer\16a4731.msi
+ 2010-01-22 22:47 . 2010-01-22 22:47 217088 d:\windows\Installer\16a472d.msi
+ 2008-07-10 15:54 . 2008-07-10 15:54 409168 d:\windows\Downloaded Program Files\MSDcode.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DetectTray"="c:\program files\Genius\TVGo DVB-T02PRO\DetectTray.exe" [2007-09-21 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="d:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-26 16859136]
"SMSERIAL"="d:\windows\sm56hlpr.exe" [2006-03-21 544768]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ACU"="d:\program files\Atheros\ACU.exe" [2006-07-04 336001]
"ASUS Live Update"="d:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"StatusClient"="d:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]
"TomcatStartup"="d:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe" [2003-03-31 155648]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"WD Drive Manager"="d:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2009-05-27 450560]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2009-11-18 1800464]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NeroFilterCheck"="d:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="d:\program files\Nero\Nero 7\InCD\InCD.exe" [2006-07-25 1043968]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - d:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Nastavení myši Labtec.lnk - d:\program files\Software laserové myši Labtec\MulMouse.exe [2009-12-10 352256]
WDDMStatus.lnk - d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-5 2057536]
WDSmartWare.lnk - d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-5 9116480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FLEXnet Licensing Service"=3 (0x3)
"SQLAgent$INVENTORCONTENT"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Hewlett-Packard\\Toolbox2.0\\Javasoft\\JRE\\1.3.1\\bin\\javaw.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Documents and Settings\\Petr\\Data aplikací\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [23.11.2009 2:41 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [12.11.2009 14:33 133064]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [12.11.2009 14:33 25160]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;d:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 20:03 660768]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [23.11.2009 2:41 20560]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;d:\windows\system32\StkCSrv.exe [12.9.2009 14:19 24576]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;d:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [27.5.2009 11:38 102400]
R2 WDDMService;WD SmartWare Drive Manager;d:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [5.11.2009 8:44 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;d:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;d:\windows\system32\drivers\StkCMini.sys [12.9.2009 14:19 1260672]
R3 WDC_SAM;WD SCSI Pass Thru driver;d:\windows\system32\drivers\wdcsam.sys [28.10.2009 22:07 11520]
S0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [22.9.2009 23:26 721904]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.9.2009 13:47 133104]
S3 41011;41011;d:\windows\system32\41011.sys [22.1.2010 11:24 54624]
S3 EC168BDA;TVGo DVB-T02PRO;d:\windows\system32\drivers\EC168BDA.sys [29.10.2009 11:01 67968]
S3 ivusb;Initio Driver for USB Default Controller;d:\windows\system32\DRIVERS\ivusb.sys --> d:\windows\system32\DRIVERS\ivusb.sys [?]
S3 TVICHW32;TVICHW32;d:\windows\system32\drivers\TVICHW32.SYS [20.9.2009 22:43 23600]
S4 MSSQL$INVENTORCONTENT;MSSQL$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlservr.exe -sINVENTORCONTENT [?]
S4 SolidWorks SolidNetWork License Manager;SolidWorks SolidNetWork License Manager;d:\flexlm\lmgrd.exe --> d:\flexlm\lmgrd.exe [?]
S4 SQLAgent$INVENTORCONTENT;SQLAgent$INVENTORCONTENT;d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT --> d:\program files\Microsoft SQL Server\MSSQL$INVENTORCONTENT\Binn\sqlagent.EXE -i INVENTORCONTENT [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-17 d:\windows\Tasks\Defraggler Volume C Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-17 d:\windows\Tasks\Defraggler Volume D Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-09 d:\windows\Tasks\Defraggler Volume G Task.job
- d:\program files\Defraggler\df.exe [2009-12-02 17:37]

2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]

2010-01-25 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-09-13 12:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = ;*.local;<local>
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: d:\program files\HTTP Debugger Pro\mfnsp32.dll
FF - ProfilePath - d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\
FF - prefs.js: browser.startup.homepage - http:/atlas.centrum.cz/
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{8d0e0d0f-9635-4811-ab46-1143a114e762}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\{de1b245c-de57-11da-ba2d-0050c2490048}\library\WINNT-32\MinimizeToTrayPlus.dll
FF - component: d:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\rzshkbnd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - component: d:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: d:\program files\Common Files\ParallelGraphics\Cortona\npCortona.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npCortona.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdjvu.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npfiller.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\Musicnotes\npmusicn.dll
FF - plugin: d:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 21:17
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(856)
d:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(912)
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll

- - - - - - - > 'explorer.exe'(892)
d:\windows\system32\msi.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\program files\HTTP Debugger Pro\mfnsp32.dll
d:\program files\http debugger pro\mfnhks32.dll
.
Celkový čas: 2010-01-25 21:22:53
ComboFix-quarantined-files.txt 2010-01-25 20:22
ComboFix2.txt 2010-01-25 19:53
ComboFix3.txt 2010-01-25 18:36
ComboFix4.txt 2010-01-24 22:04
ComboFix5.txt 2010-01-25 20:05
ComboFix6.txt 2010-01-25 19:54

Před spuštěním: Volných bajtů: 48 574 246 912
Po spuštění: Volných bajtů: 48 540 811 264

Current=15 Default=15 Failed=14 LastKnownGood=16 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16
- - End Of File - - BBEA40A61E29D95B994A5340CAE2C37F

Re: Infected laptop, freezes, boots slowly

Posted: 25 Jan 2010 21:32
by Rudy
Try it once more, but in Safe Mode. The items were not deleted.