VIRY.CZ

Dobrý den,
mám prosbu Avast mi našel ROOTKIT, můžete se mi na to prosím mrknout.
Díky

* Report testu rezidentního štítu avast!
* Tento soubor je generován automaticky
8. 4. 2010 18:48:23 C:\WINDOWS\system32\activedsp.exe [L] Win32:Rootkit-gen [Rtk] (0)
Soubor byl úspěšně přesunut do truhly...
8. 4. 2010 18:56:22 C:\WINDOWS\System32\drivers\efff8c73.sys [L] Win32:RustNT [Rtk] (0)
Nelze soubor přesunout do truhly: Systém nemůže nalézt uvedený soubor

Tady je log z RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Hanka at 2010-04-08 21:19:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 44 GB (77%) free of 57 GB
Total RAM: 446 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:19:31, on 8.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\KMDEVMONSRV.exe
C:\WINDOWS\system32\KMdevmonx.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Panasonic\Multi-Function Station\StatusMon.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Hanka\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Hanka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\WINDOWS\TEMP\E_SB8.tmp" /EF "HKCU"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Panasonic Monitor statusu.lnk = C:\Program Files\Panasonic\Multi-Function Station\StatusMon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: google sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International
O11 - Options group: [searching] Search from the Address bar
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0732023418
O17 - HKLM\System\CCS\Services\Tcpip\..\{78ADF170-B552-4DE4-8462-3D981578CC23}: NameServer = 77.87.236.1,77.87.232.17
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: bersk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Multi-Function Station Device Monitor (KMDevmonSrv) - Unknown owner - C:\WINDOWS\system32\KMDEVMONSRV.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Funkce Auto-Protect aplikace Norton AntiVirus (navapsvc) - Unknown owner - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 12121 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{12864A8E-3B6F-4244-9551-CE6F14A1C6FB}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-08-01 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa58ed58-01dd-4d91-8333-cf10577473f7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-08 279664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{af69de43-7d58-4638-b6fa-ce66b5ad205d}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-04-08 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-08 279664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-08-05 344064]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-10-15 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-10-15 688218]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2005-10-15 88203]
"THotkey"=C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [2005-12-08 352256]
"Tvs"=C:\Program Files\TOSHIBA\Tvs\TvsTray.exe [2005-11-30 73728]
"TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-08-03 266240]
"NDSTray.exe"=NDSTray.exe []
"SmoothView"=C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe [2005-05-12 118784]
"PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2005-08-30 1077327]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-08-01 122940]
"SSC_UserPrompt"=C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe [2005-06-08 218712]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2005-05-20 28160]
"MMTray"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe [2005-05-03 135168]
"mmtask"=C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe [2005-05-03 53248]
""= []
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-10 15473664]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-12 65536]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2006-06-27 1449984]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-02-16 67128]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-24 68856]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-05-28 95800]
"EPSON Stylus DX7400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe [2008-10-05 235936]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Panasonic Monitor statusu.lnk - C:\Program Files\Panasonic\Multi-Function Station\StatusMon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="bersk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-04 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe"="C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-08 21:16:48 ----D---- C:\Program Files\trend micro
2010-04-08 21:16:45 ----D---- C:\rsit
2010-04-08 17:41:38 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-08 17:41:29 ----D---- C:\Program Files\Alwil Software
2010-04-08 17:41:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-04-08 17:23:03 ----A---- C:\WINDOWS\system32\LuResult.txt
2010-04-08 15:16:20 ----D---- C:\WINDOWS\WBEM
2010-04-08 15:14:41 ----HDC---- C:\WINDOWS\ie8
2010-04-08 15:11:51 ----D---- C:\Stahovaci
2010-04-08 15:06:26 ----A---- C:\WINDOWS\system32\wpa.bak
2010-04-08 14:59:58 ----D---- C:\WINDOWS\Prefetch
2010-04-08 14:52:06 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-04-08 14:51:26 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-04-08 14:48:58 ----A---- C:\WINDOWS\system32\tsgqec.dll
2010-04-08 14:48:58 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2010-04-08 14:48:58 ----A---- C:\WINDOWS\system32\aaclient.dll
2010-04-08 14:39:34 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-04-08 14:39:34 ----A---- C:\WINDOWS\system32\irclass.dll
2010-04-08 14:39:13 ----RA---- C:\WINDOWS\SET1BF.tmp
2010-04-08 14:39:09 ----RA---- C:\WINDOWS\SET1B3.tmp
2010-04-08 14:39:06 ----RA---- C:\WINDOWS\SET1B2.tmp
2010-04-08 14:23:47 ----A---- C:\WINDOWS\UPGRADE.TXT
2010-04-08 14:23:42 ----D---- C:\WINDOWS\setup.pss
2010-04-08 13:31:19 ----A---- C:\WINDOWS\system32\SET1084.tmp
2010-04-08 13:31:18 ----A---- C:\WINDOWS\system32\SET1069.tmp
2010-04-08 13:31:17 ----A---- C:\WINDOWS\system32\SET105D.tmp
2010-04-08 13:31:15 ----A---- C:\WINDOWS\system32\SET1040.tmp
2010-04-08 13:31:14 ----A---- C:\WINDOWS\system32\SET1032.tmp
2010-04-08 13:31:12 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-08 13:31:12 ----D---- C:\WINDOWS\l2schemas
2010-04-08 13:31:11 ----D---- C:\WINDOWS\system32\cs
2010-04-08 13:31:11 ----D---- C:\WINDOWS\system32\bits
2010-04-08 13:28:33 ----A---- C:\WINDOWS\SET488.tmp
2010-04-08 13:28:31 ----A---- C:\WINDOWS\system32\SET465.tmp
2010-04-08 13:28:31 ----A---- C:\WINDOWS\system32\SET463.tmp
2010-04-08 13:28:30 ----A---- C:\WINDOWS\system32\SET460.tmp
2010-04-08 13:28:30 ----A---- C:\WINDOWS\system32\SET45D.tmp
2010-04-08 13:28:30 ----A---- C:\WINDOWS\system32\SET45B.tmp
2010-04-08 13:28:29 ----A---- C:\WINDOWS\system32\SET458.tmp
2010-04-08 13:28:29 ----A---- C:\WINDOWS\system32\SET453.tmp
2010-04-08 13:28:28 ----A---- C:\WINDOWS\system32\SET44E.tmp
2010-04-08 13:28:28 ----A---- C:\WINDOWS\system32\SET44D.tmp
2010-04-08 13:28:28 ----A---- C:\WINDOWS\system32\SET449.tmp
2010-04-08 13:28:27 ----A---- C:\WINDOWS\system32\SET448.tmp
2010-04-08 13:28:27 ----A---- C:\WINDOWS\system32\SET444.tmp
2010-04-08 13:28:27 ----A---- C:\WINDOWS\system32\SET443.tmp
2010-04-08 13:28:26 ----A---- C:\WINDOWS\system32\SET43C.tmp
2010-04-08 13:28:26 ----A---- C:\WINDOWS\system32\SET43A.tmp
2010-04-08 13:28:25 ----A---- C:\WINDOWS\system32\SET437.tmp
2010-04-08 13:28:25 ----A---- C:\WINDOWS\system32\SET434.tmp
2010-04-08 13:28:25 ----A---- C:\WINDOWS\system32\SET42D.tmp
2010-04-08 13:28:24 ----A---- C:\WINDOWS\system32\SET427.tmp
2010-04-08 13:28:23 ----A---- C:\WINDOWS\system32\SET41F.tmp
2010-04-08 13:28:23 ----A---- C:\WINDOWS\system32\SET41E.tmp
2010-04-08 13:28:23 ----A---- C:\WINDOWS\system32\SET419.tmp
2010-04-08 13:28:22 ----A---- C:\WINDOWS\system32\SET417.tmp
2010-04-08 13:28:22 ----A---- C:\WINDOWS\system32\SET414.tmp
2010-04-08 13:28:22 ----A---- C:\WINDOWS\system32\SET412.tmp
2010-04-08 13:28:21 ----A---- C:\WINDOWS\system32\SET411.tmp
2010-04-08 13:28:21 ----A---- C:\WINDOWS\system32\SET40F.tmp
2010-04-08 13:28:21 ----A---- C:\WINDOWS\system32\SET40C.tmp
2010-04-08 13:28:21 ----A---- C:\WINDOWS\system32\SET40B.tmp
2010-04-08 13:28:20 ----A---- C:\WINDOWS\system32\SET40A.tmp
2010-04-08 13:28:20 ----A---- C:\WINDOWS\system32\SET408.tmp
2010-04-08 13:28:20 ----A---- C:\WINDOWS\system32\SET407.tmp
2010-04-08 13:28:20 ----A---- C:\WINDOWS\system32\SET406.tmp
2010-04-08 13:28:19 ----A---- C:\WINDOWS\system32\SET3FF.tmp
2010-04-08 13:28:18 ----A---- C:\WINDOWS\system32\SET3F0.tmp
2010-04-08 13:28:17 ----A---- C:\WINDOWS\system32\SET3E5.tmp
2010-04-08 13:28:16 ----A---- C:\WINDOWS\system32\SET3D2.tmp
2010-04-08 13:28:16 ----A---- C:\WINDOWS\system32\SET3D1.tmp
2010-04-08 13:28:15 ----A---- C:\WINDOWS\system32\SET3C1.tmp
2010-04-08 13:28:14 ----A---- C:\WINDOWS\system32\SET3BB.tmp
2010-04-08 13:28:14 ----A---- C:\WINDOWS\system32\SET3B6.tmp
2010-04-08 13:28:13 ----A---- C:\WINDOWS\system32\SET3A8.tmp
2010-04-08 13:28:12 ----A---- C:\WINDOWS\system32\SET3A7.tmp
2010-04-08 13:28:12 ----A---- C:\WINDOWS\system32\SET3A6.tmp
2010-04-08 13:28:12 ----A---- C:\WINDOWS\system32\SET3A4.tmp
2010-04-08 13:28:12 ----A---- C:\WINDOWS\system32\SET39E.tmp
2010-04-08 13:28:11 ----A---- C:\WINDOWS\system32\SET395.tmp
2010-04-08 13:28:10 ----A---- C:\WINDOWS\system32\SET391.tmp
2010-04-08 13:28:10 ----A---- C:\WINDOWS\system32\SET38D.tmp
2010-04-08 13:28:09 ----A---- C:\WINDOWS\system32\SET38B.tmp
2010-04-08 13:28:09 ----A---- C:\WINDOWS\system32\SET38A.tmp
2010-04-08 13:28:09 ----A---- C:\WINDOWS\system32\SET388.tmp
2010-04-08 13:28:08 ----A---- C:\WINDOWS\system32\SET382.tmp
2010-04-08 13:28:08 ----A---- C:\WINDOWS\system32\SET37F.tmp
2010-04-08 13:28:07 ----A---- C:\WINDOWS\system32\SET369.tmp
2010-04-08 13:28:06 ----A---- C:\WINDOWS\system32\SET365.tmp
2010-04-08 13:28:06 ----A---- C:\WINDOWS\system32\SET364.tmp
2010-04-08 13:28:06 ----A---- C:\WINDOWS\system32\SET35D.tmp
2010-04-08 13:28:06 ----A---- C:\WINDOWS\system32\SET35B.tmp
2010-04-08 13:28:05 ----A---- C:\WINDOWS\system32\SET359.tmp
2010-04-08 13:28:05 ----A---- C:\WINDOWS\system32\SET355.tmp
2010-04-08 13:28:03 ----A---- C:\WINDOWS\system32\SET33B.tmp
2010-04-08 13:28:03 ----A---- C:\WINDOWS\system32\SET339.tmp
2010-04-08 13:28:03 ----A---- C:\WINDOWS\system32\SET337.tmp
2010-04-08 13:28:02 ----A---- C:\WINDOWS\system32\SET332.tmp
2010-04-08 13:28:02 ----A---- C:\WINDOWS\system32\SET330.tmp
2010-04-08 13:28:02 ----A---- C:\WINDOWS\system32\SET32B.tmp
2010-04-08 13:28:01 ----A---- C:\WINDOWS\system32\SET329.tmp
2010-04-08 13:28:01 ----A---- C:\WINDOWS\system32\SET321.tmp
2010-04-08 13:28:00 ----A---- C:\WINDOWS\system32\SET31E.tmp
2010-04-08 13:28:00 ----A---- C:\WINDOWS\system32\SET31D.tmp
2010-04-08 13:28:00 ----A---- C:\WINDOWS\system32\SET31C.tmp
2010-04-08 13:28:00 ----A---- C:\WINDOWS\system32\SET318.tmp
2010-04-08 13:27:59 ----A---- C:\WINDOWS\system32\SET30D.tmp
2010-04-08 13:27:58 ----A---- C:\WINDOWS\system32\SET306.tmp
2010-04-08 13:27:58 ----A---- C:\WINDOWS\system32\SET305.tmp
2010-04-08 13:27:58 ----A---- C:\WINDOWS\system32\SET303.tmp
2010-04-08 13:27:57 ----A---- C:\WINDOWS\system32\SET2FE.tmp
2010-04-08 13:27:57 ----A---- C:\WINDOWS\system32\SET2FC.tmp
2010-04-08 13:27:57 ----A---- C:\WINDOWS\system32\SET2FA.tmp
2010-04-08 13:27:57 ----A---- C:\WINDOWS\system32\SET2F9.tmp
2010-04-08 13:27:57 ----A---- C:\WINDOWS\system32\SET2F8.tmp
2010-04-08 13:27:57 ----A---- C:\WINDOWS\system32\SET2F6.tmp
2010-04-08 13:27:56 ----A---- C:\WINDOWS\system32\SET2EC.tmp
2010-04-08 13:27:55 ----A---- C:\WINDOWS\system32\SET2E8.tmp
2010-04-08 13:27:55 ----A---- C:\WINDOWS\system32\SET2E4.tmp
2010-04-08 13:27:55 ----A---- C:\WINDOWS\system32\SET2E3.tmp
2010-04-08 13:27:54 ----A---- C:\WINDOWS\system32\SET2E2.tmp
2010-04-08 13:27:54 ----A---- C:\WINDOWS\system32\SET2E0.tmp
2010-04-08 13:27:54 ----A---- C:\WINDOWS\system32\SET2DF.tmp
2010-04-08 13:27:54 ----A---- C:\WINDOWS\system32\SET2DE.tmp
2010-04-08 13:27:54 ----A---- C:\WINDOWS\system32\SET2DD.tmp
2010-04-08 13:27:54 ----A---- C:\WINDOWS\system32\SET2DB.tmp
2010-04-08 13:27:53 ----A---- C:\WINDOWS\system32\SET2D6.tmp
2010-04-08 13:27:53 ----A---- C:\WINDOWS\system32\SET2D5.tmp
2010-04-08 13:27:53 ----A---- C:\WINDOWS\system32\SET2D2.tmp
2010-04-08 13:27:52 ----A---- C:\WINDOWS\system32\SET2CD.tmp
2010-04-08 13:27:52 ----A---- C:\WINDOWS\system32\SET2CA.tmp
2010-04-08 13:27:52 ----A---- C:\WINDOWS\system32\SET2C9.tmp
2010-04-08 13:27:52 ----A---- C:\WINDOWS\system32\SET2C8.tmp
2010-04-08 13:27:51 ----A---- C:\WINDOWS\system32\SET2C6.tmp
2010-04-08 13:27:51 ----A---- C:\WINDOWS\system32\SET2C5.tmp
2010-04-08 13:27:50 ----A---- C:\WINDOWS\system32\SET2BF.tmp
2010-04-08 13:27:50 ----A---- C:\WINDOWS\system32\SET2BB.tmp
2010-04-08 13:27:50 ----A---- C:\WINDOWS\system32\SET2B4.tmp
2010-04-08 13:27:49 ----A---- C:\WINDOWS\system32\SET2B3.tmp
2010-04-08 13:27:49 ----A---- C:\WINDOWS\system32\SET2B0.tmp
2010-04-08 13:27:49 ----A---- C:\WINDOWS\system32\SET2AD.tmp
2010-04-08 13:27:49 ----A---- C:\WINDOWS\system32\SET2AC.tmp
2010-04-08 13:27:48 ----A---- C:\WINDOWS\system32\SET2A9.tmp
2010-04-08 13:27:48 ----A---- C:\WINDOWS\system32\SET2A8.tmp
2010-04-08 13:27:48 ----A---- C:\WINDOWS\system32\SET2A6.tmp
2010-04-08 13:27:47 ----A---- C:\WINDOWS\system32\SET2A3.tmp
2010-04-08 13:27:47 ----A---- C:\WINDOWS\system32\SET2A1.tmp
2010-04-08 13:27:47 ----A---- C:\WINDOWS\system32\SET2A0.tmp
2010-04-08 13:27:47 ----A---- C:\WINDOWS\system32\SET29F.tmp
2010-04-08 13:27:46 ----A---- C:\WINDOWS\system32\SET29A.tmp
2010-04-08 13:27:46 ----A---- C:\WINDOWS\system32\SET299.tmp
2010-04-08 13:27:46 ----A---- C:\WINDOWS\system32\SET298.tmp
2010-04-08 13:27:45 ----A---- C:\WINDOWS\system32\SET293.tmp
2010-04-08 13:27:45 ----A---- C:\WINDOWS\system32\SET290.tmp
2010-04-08 13:27:45 ----A---- C:\WINDOWS\system32\SET28D.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET28C.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET28B.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET289.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET288.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET287.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET285.tmp
2010-04-08 13:27:44 ----A---- C:\WINDOWS\system32\SET284.tmp
2010-04-08 13:27:43 ----A---- C:\WINDOWS\system32\SET283.tmp
2010-04-08 13:27:43 ----A---- C:\WINDOWS\system32\SET282.tmp
2010-04-08 13:27:43 ----A---- C:\WINDOWS\system32\SET281.tmp
2010-04-08 13:27:43 ----A---- C:\WINDOWS\system32\SET27E.tmp
2010-04-08 13:27:43 ----A---- C:\WINDOWS\system32\SET27D.tmp
2010-04-08 13:27:42 ----A---- C:\WINDOWS\system32\SET276.tmp
2010-04-08 13:27:42 ----A---- C:\WINDOWS\system32\SET275.tmp
2010-04-08 13:27:42 ----A---- C:\WINDOWS\system32\SET272.tmp
2010-04-08 13:27:40 ----A---- C:\WINDOWS\system32\SET261.tmp
2010-04-08 13:27:40 ----A---- C:\WINDOWS\system32\SET25D.tmp
2010-04-08 13:27:40 ----A---- C:\WINDOWS\system32\SET25B.tmp
2010-04-08 13:27:40 ----A---- C:\WINDOWS\system32\SET258.tmp
2010-04-08 13:27:40 ----A---- C:\WINDOWS\system32\SET257.tmp
2010-04-08 13:27:39 ----A---- C:\WINDOWS\system32\SET256.tmp
2010-04-08 13:27:39 ----A---- C:\WINDOWS\system32\SET255.tmp
2010-04-08 13:27:38 ----A---- C:\WINDOWS\system32\SET249.tmp
2010-04-08 13:27:38 ----A---- C:\WINDOWS\system32\SET248.tmp
2010-04-08 13:27:38 ----A---- C:\WINDOWS\system32\SET247.tmp
2010-04-08 13:27:38 ----A---- C:\WINDOWS\system32\SET245.tmp
2010-04-08 13:27:37 ----A---- C:\WINDOWS\system32\SET243.tmp
2010-04-08 13:27:37 ----A---- C:\WINDOWS\system32\SET23D.tmp
2010-04-08 13:27:37 ----A---- C:\WINDOWS\system32\SET237.tmp
2010-04-08 13:27:36 ----A---- C:\WINDOWS\system32\SET231.tmp
2010-04-08 13:27:35 ----A---- C:\WINDOWS\system32\SET22F.tmp
2010-04-08 13:27:35 ----A---- C:\WINDOWS\system32\SET22D.tmp
2010-04-08 13:27:35 ----A---- C:\WINDOWS\system32\SET22C.tmp
2010-04-08 13:27:34 ----A---- C:\WINDOWS\system32\SET22B.tmp
2010-04-08 13:27:34 ----A---- C:\WINDOWS\system32\SET225.tmp
2010-04-08 13:27:33 ----A---- C:\WINDOWS\system32\SET21D.tmp
2010-04-08 13:27:33 ----A---- C:\WINDOWS\system32\SET21C.tmp
2010-04-08 13:27:33 ----A---- C:\WINDOWS\system32\SET21B.tmp
2010-04-08 13:27:32 ----A---- C:\WINDOWS\system32\SET215.tmp
2010-04-08 13:27:32 ----A---- C:\WINDOWS\system32\SET214.tmp
2010-04-08 13:27:32 ----A---- C:\WINDOWS\system32\SET210.tmp
2010-04-08 13:27:32 ----A---- C:\WINDOWS\system32\SET20F.tmp
2010-04-08 13:27:32 ----A---- C:\WINDOWS\system32\SET20B.tmp
2010-04-08 13:27:31 ----A---- C:\WINDOWS\system32\SET20A.tmp
2010-04-08 13:27:31 ----A---- C:\WINDOWS\system32\SET207.tmp
2010-04-08 13:27:29 ----A---- C:\WINDOWS\system32\SET206.tmp
2010-04-08 13:27:29 ----A---- C:\WINDOWS\system32\SET205.tmp
2010-04-08 13:27:29 ----A---- C:\WINDOWS\system32\SET204.tmp
2010-04-08 13:27:29 ----A---- C:\WINDOWS\system32\SET203.tmp
2010-04-08 13:27:29 ----A---- C:\WINDOWS\system32\SET201.tmp
2010-04-08 13:27:28 ----A---- C:\WINDOWS\system32\SET1FC.tmp
2010-04-08 13:27:28 ----A---- C:\WINDOWS\system32\SET1F0.tmp
2010-04-08 13:27:27 ----A---- C:\WINDOWS\system32\SET1EC.tmp
2010-04-08 13:27:27 ----A---- C:\WINDOWS\system32\SET1EB.tmp
2010-04-08 13:27:27 ----A---- C:\WINDOWS\system32\SET1EA.tmp
2010-04-08 13:27:27 ----A---- C:\WINDOWS\system32\SET1E9.tmp
2010-04-08 13:27:26 ----A---- C:\WINDOWS\system32\SET1E6.tmp
2010-04-08 13:27:26 ----A---- C:\WINDOWS\system32\SET1E3.tmp
2010-04-08 13:27:26 ----A---- C:\WINDOWS\system32\SET1E2.tmp
2010-04-08 13:27:25 ----A---- C:\WINDOWS\system32\SET1D9.tmp
2010-04-08 13:27:25 ----A---- C:\WINDOWS\system32\SET1D8.tmp
2010-04-08 13:27:25 ----A---- C:\WINDOWS\system32\SET1D5.tmp
2010-04-08 13:27:25 ----A---- C:\WINDOWS\system32\SET1D3.tmp
2010-04-08 13:27:24 ----A---- C:\WINDOWS\system32\SET1D2.tmp
2010-04-08 13:27:24 ----A---- C:\WINDOWS\system32\SET1CB.tmp
2010-04-08 13:27:23 ----A---- C:\WINDOWS\system32\SET1CA.tmp
2010-04-08 13:27:23 ----A---- C:\WINDOWS\system32\SET1C7.tmp
2010-04-08 13:27:23 ----A---- C:\WINDOWS\system32\SET1C3.tmp
2010-04-08 13:27:22 ----A---- C:\WINDOWS\system32\SET1C2.tmp
2010-04-08 13:27:22 ----A---- C:\WINDOWS\system32\SET1BC.tmp
2010-04-08 13:27:21 ----A---- C:\WINDOWS\system32\SET1B6.tmp
2010-04-08 13:27:21 ----A---- C:\WINDOWS\system32\SET1B3.tmp
2010-04-08 13:27:21 ----A---- C:\WINDOWS\system32\SET1B2.tmp
2010-04-08 13:27:21 ----A---- C:\WINDOWS\system32\SET1B1.tmp
2010-04-08 13:27:21 ----A---- C:\WINDOWS\system32\SET1B0.tmp
2010-04-08 13:27:20 ----A---- C:\WINDOWS\system32\SET1AB.tmp
2010-04-08 13:27:20 ----A---- C:\WINDOWS\system32\SET1AA.tmp
2010-04-08 13:27:20 ----A---- C:\WINDOWS\system32\SET1A9.tmp
2010-04-08 13:27:20 ----A---- C:\WINDOWS\system32\SET1A7.tmp
2010-04-08 13:27:19 ----A---- C:\WINDOWS\system32\SET1A6.tmp
2010-04-08 13:27:19 ----A---- C:\WINDOWS\system32\SET1A5.tmp
2010-04-08 13:27:19 ----A---- C:\WINDOWS\system32\SET1A3.tmp
2010-04-08 13:27:18 ----A---- C:\WINDOWS\system32\SET19C.tmp
2010-04-08 13:27:18 ----A---- C:\WINDOWS\system32\SET19B.tmp
2010-04-08 13:27:18 ----A---- C:\WINDOWS\system32\SET199.tmp
2010-04-08 13:27:18 ----A---- C:\WINDOWS\system32\SET196.tmp
2010-04-08 13:27:17 ----A---- C:\WINDOWS\system32\SET195.tmp
2010-04-08 13:27:17 ----A---- C:\WINDOWS\system32\SET194.tmp
2010-04-08 13:27:17 ----A---- C:\WINDOWS\system32\SET193.tmp
2010-04-08 13:27:16 ----A---- C:\WINDOWS\system32\SET18C.tmp
2010-04-08 13:27:16 ----A---- C:\WINDOWS\system32\SET18B.tmp
2010-04-08 13:27:15 ----A---- C:\WINDOWS\system32\SET186.tmp
2010-04-08 13:27:15 ----A---- C:\WINDOWS\system32\SET185.tmp
2010-04-08 13:27:15 ----A---- C:\WINDOWS\system32\SET184.tmp
2010-04-08 13:27:15 ----A---- C:\WINDOWS\system32\SET183.tmp
2010-04-08 13:27:15 ----A---- C:\WINDOWS\system32\SET180.tmp
2010-04-08 13:27:14 ----A---- C:\WINDOWS\system32\SET17F.tmp
2010-04-08 13:27:14 ----A---- C:\WINDOWS\system32\SET17D.tmp
2010-04-08 13:27:14 ----A---- C:\WINDOWS\system32\SET17C.tmp
2010-04-08 13:27:14 ----A---- C:\WINDOWS\system32\SET17B.tmp
2010-04-08 13:27:13 ----A---- C:\WINDOWS\system32\SET178.tmp
2010-04-08 13:27:13 ----A---- C:\WINDOWS\system32\SET177.tmp
2010-04-08 13:27:13 ----A---- C:\WINDOWS\system32\SET176.tmp
2010-04-08 13:27:13 ----A---- C:\WINDOWS\system32\SET171.tmp
2010-04-08 13:27:12 ----A---- C:\WINDOWS\system32\SET16E.tmp
2010-04-08 13:27:12 ----A---- C:\WINDOWS\system32\SET16D.tmp
2010-04-08 13:27:12 ----A---- C:\WINDOWS\system32\SET166.tmp
2010-04-08 13:27:12 ----A---- C:\WINDOWS\system32\SET164.tmp
2010-04-08 13:27:11 ----A---- C:\WINDOWS\system32\SET162.tmp
2010-04-08 13:27:11 ----A---- C:\WINDOWS\system32\SET160.tmp
2010-04-08 13:27:11 ----A---- C:\WINDOWS\system32\SET15F.tmp
2010-04-08 13:27:10 ----D---- C:\WINDOWS\network diagnostic
2010-04-08 13:27:10 ----A---- C:\WINDOWS\system32\SET15B.tmp
2010-04-08 13:26:03 ----A---- C:\WINDOWS\002768_.tmp
2010-04-08 13:24:10 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-08 13:23:16 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-04-08 13:22:56 ----D---- C:\WINDOWS\EHome
2010-04-07 23:02:17 ----D---- C:\ZALOHA
2010-04-07 21:46:56 ----D---- C:\Program Files\ESET
2010-04-07 21:44:06 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2010-04-08 21:16:48 ----RD---- C:\Program Files
2010-04-08 20:44:42 ----D---- C:\WINDOWS\system32
2010-04-08 20:26:40 ----D---- C:\WINDOWS\system32\drivers
2010-04-08 19:03:15 ----D---- C:\WINDOWS\Temp
2010-04-08 18:50:04 ----D---- C:\WINDOWS\system32\Lang
2010-04-08 18:48:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-08 18:46:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-08 18:46:01 ----D---- C:\WINDOWS\system32\Restore
2010-04-08 17:41:53 ----SHD---- C:\WINDOWS\Installer
2010-04-08 17:41:53 ----D---- C:\WINDOWS\WinSxS
2010-04-08 17:36:39 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-08 17:36:32 ----SD---- C:\WINDOWS\Tasks
2010-04-08 17:36:28 ----D---- C:\WINDOWS
2010-04-08 17:33:55 ----D---- C:\Program Files\Common Files
2010-04-08 17:30:49 ----HD---- C:\WINDOWS\inf
2010-04-08 17:30:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2010-04-08 17:18:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-08 17:18:32 ----D---- C:\WINDOWS\Help
2010-04-08 16:35:38 ----D---- C:\WINDOWS\system32\Setup
2010-04-08 16:35:24 ----D---- C:\WINDOWS\system32\usmt
2010-04-08 16:35:08 ----D---- C:\WINDOWS\AppPatch
2010-04-08 16:35:03 ----D---- C:\WINDOWS\ime
2010-04-08 16:34:39 ----D---- C:\WINDOWS\PeerNet
2010-04-08 16:34:19 ----D---- C:\WINDOWS\system32\npp
2010-04-08 16:34:08 ----D---- C:\WINDOWS\msagent
2010-04-08 16:29:52 ----D---- C:\WINDOWS\system32\1029
2010-04-08 16:29:15 ----D---- C:\WINDOWS\twain_32
2010-04-08 16:28:14 ----D---- C:\WINDOWS\system32\icsxml
2010-04-08 16:27:24 ----D---- C:\WINDOWS\system32\1033
2010-04-08 16:25:47 ----D---- C:\WINDOWS\Driver Cache
2010-04-08 15:18:37 ----D---- C:\Program Files\Internet Explorer
2010-04-08 15:16:25 ----D---- C:\WINDOWS\system32\config
2010-04-08 15:16:12 ----D---- C:\WINDOWS\Media
2010-04-08 15:08:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-08 15:07:17 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-08 15:06:32 ----A---- C:\WINDOWS\setuplog.txt
2010-04-08 15:06:01 ----D---- C:\Program Files\Google
2010-04-08 15:03:56 ----SD---- C:\Documents and Settings\Hanka\Data aplikací\Microsoft
2010-04-08 15:03:35 ----D---- C:\WINDOWS\Registration
2010-04-08 15:03:21 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-08 15:00:04 ----SHD---- C:\System Volume Information
2010-04-08 14:58:23 ----A---- C:\WINDOWS\imsins.BAK
2010-04-08 14:54:04 ----D---- C:\Program Files\Windows Media Player
2010-04-08 14:53:14 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-08 14:52:40 ----D---- C:\WINDOWS\system32\ias
2010-04-08 14:52:09 ----RD---- C:\WINDOWS\Web
2010-04-08 14:51:59 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-04-08 14:51:44 ----A---- C:\WINDOWS\win.ini
2010-04-08 14:51:36 ----D---- C:\WINDOWS\srchasst
2010-04-08 14:51:26 ----D---- C:\Program Files\Movie Maker
2010-04-08 14:51:21 ----D---- C:\WINDOWS\system32\oobe
2010-04-08 14:51:12 ----D---- C:\Program Files\NetMeeting
2010-04-08 14:51:09 ----D---- C:\Program Files\Outlook Express
2010-04-08 14:51:09 ----D---- C:\Program Files\Common Files\System
2010-04-08 14:50:40 ----D---- C:\WINDOWS\system32\Com
2010-04-08 14:49:01 ----D---- C:\Program Files\Windows NT
2010-04-08 14:48:50 ----D---- C:\WINDOWS\system32\wbem
2010-04-08 14:47:34 ----SH---- C:\boot.ini
2010-04-08 14:43:16 ----D---- C:\WINDOWS\oemdrv
2010-04-08 14:41:12 ----D---- C:\WINDOWS\security
2010-04-08 14:41:04 ----D---- C:\WINDOWS\system
2010-04-08 14:41:04 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2010-04-08 14:40:54 ----A---- C:\WINDOWS\system.ini
2010-04-08 14:40:33 ----RSD---- C:\WINDOWS\Fonts
2010-04-08 14:40:27 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-08 14:39:17 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-04-08 13:39:38 ----D---- C:\Program Files\Messenger
2010-04-08 13:31:44 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-04-08 13:25:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-07 23:11:00 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-07 22:08:34 ----D---- C:\Program Files\ICQToolbar
2010-04-07 21:44:42 ----D---- C:\Documents and Settings\Hanka\Data aplikací\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\aavmker4.sys [2010-03-09 28880]
R1 aswsp;aswSP; C:\WINDOWS\system32\drivers\aswsp.sys [2010-03-09 162640]
R1 aswtdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswtdi.sys [2010-03-09 46672]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-07-07 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-07-07 22684]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\drivers\aswfsblk.sys [2010-03-09 19024]
R2 aswmon2;aswMon2; C:\WINDOWS\system32\drivers\aswmon2.sys [2010-03-09 100432]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-08-01 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-08-01 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-08-01 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-08-01 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-08-01 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-08-01 87004]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-08-01 92700]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-07-07 40544]
R2 KMsmfpi;KMSMFPI; \??\C:\WINDOWS\System32\Drivers\KMSMFPI.sys []
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-11-15 1122656]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswrdr;aswRdr; C:\WINDOWS\system32\drivers\aswrdr.sys [2010-03-09 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-04 1273344]
R3 bridgemp;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-11 4064256]
R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
R3 l8042kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2005-05-20 13056]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-15 185728]
R3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2005-10-20 6144]
R3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2005-11-30 43392]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S2 VECP;VECP; \??\C:\WINDOWS\System32\Drivers\VECP.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-09-12 468736]
S3 bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LHidKE;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2005-05-20 25600]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-05-20 36480]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2005-05-20 68352]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS []
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-05-01 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-05-01 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 90800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-04 380928]
R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-18 40960]
R2 KMDevmonSrv;Multi-Function Station Device Monitor; C:\WINDOWS\system32\KMDEVMONSRV.exe [2001-10-07 24576]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-07-24 53248]
R2 SymWSC;SymWMI Service; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe [2004-08-05 308352]
R2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [2005-08-10 35328]
R3 avast! mail scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! web scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-08 135664]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-30 182768]
S3 navapsvc;Funkce Auto-Protect aplikace Norton AntiVirus; C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]

-----------------EOF-----------------

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Tady je:
ComboFix 10-04-07.04 - Hanka 08.04.2010 21:45:21.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.446.106 [GMT 2:00]
Spuštěný z: c:\documents and settings\Hanka\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system\oeminfo.ini
c:\windows\system32\_003137_.tmp.dll
c:\windows\system32\_003138_.tmp.dll
c:\windows\system32\_003139_.tmp.dll
c:\windows\system32\_003140_.tmp.dll
c:\windows\system32\_003147_.tmp.dll
c:\windows\system32\_003148_.tmp.dll
c:\windows\system32\_003149_.tmp.dll
c:\windows\system32\_003150_.tmp.dll
c:\windows\system32\_003152_.tmp.dll
c:\windows\system32\_003153_.tmp.dll
c:\windows\system32\_003156_.tmp.dll
c:\windows\system32\_003157_.tmp.dll
c:\windows\system32\_003159_.tmp.dll
c:\windows\system32\_003160_.tmp.dll
c:\windows\system32\_003161_.tmp.dll
c:\windows\system32\_003163_.tmp.dll
c:\windows\system32\_003166_.tmp.dll
c:\windows\system32\_003167_.tmp.dll
c:\windows\system32\_003171_.tmp.dll
c:\windows\system32\_003172_.tmp.dll
c:\windows\system32\_003174_.tmp.dll
c:\windows\system32\_003177_.tmp.dll
c:\windows\system32\_003179_.tmp.dll
c:\windows\system32\_003180_.tmp.dll
c:\windows\system32\_003181_.tmp.dll
c:\windows\system32\_003182_.tmp.dll
c:\windows\system32\_003183_.tmp.dll
c:\windows\system32\_003186_.tmp.dll
c:\windows\system32\_003187_.tmp.dll
c:\windows\system32\_003188_.tmp.dll
c:\windows\system32\_003189_.tmp.dll
c:\windows\system32\_003190_.tmp.dll
c:\windows\system32\_003195_.tmp.dll
c:\windows\system32\3897494076.dat
c:\windows\system32\drivers\efff8c73.sys
c:\windows\system32\sft.res
c:\windows\wiaservim.log

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_efff8c73


((((((((((((((((((((((((( Soubory vytvořené od 2010-03-08 do 2010-04-08 )))))))))))))))))))))))))))))))
.

2010-04-08 19:16 . 2010-04-08 19:19 -------- d-----w- c:\program files\trend micro
2010-04-08 19:16 . 2010-04-08 19:17 -------- d-----w- C:\rsit
2010-04-08 15:42 . 2010-03-09 10:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-08 15:42 . 2010-03-09 10:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-08 15:42 . 2010-03-09 10:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-08 15:42 . 2010-03-09 10:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-08 15:42 . 2010-03-09 10:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-08 15:42 . 2010-03-09 10:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-08 15:42 . 2010-03-09 10:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-08 15:41 . 2010-03-09 10:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-08 15:41 . 2010-03-09 10:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-08 15:41 . 2010-04-08 15:41 -------- d-----w- c:\program files\Alwil Software
2010-04-08 13:23 . 2010-04-08 13:23 -------- d-sh--w- c:\documents and settings\Hanka\IECompatCache
2010-04-08 13:23 . 2010-04-08 13:23 -------- d-sh--w- c:\documents and settings\Hanka\PrivacIE
2010-04-08 13:19 . 2010-04-08 13:19 -------- d-sh--w- c:\documents and settings\Hanka\IETldCache
2010-04-08 13:19 . 2010-04-08 13:19 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-04-08 13:14 . 2010-04-08 13:15 -------- dc-h--w- c:\windows\ie8
2010-04-08 13:11 . 2010-04-08 15:40 -------- d-----w- C:\Stahovaci
2010-04-08 12:55 . 2008-04-14 12:00 119808 -c--a-w- c:\windows\system32\dllcache\mtstocom.exe
2010-04-08 12:54 . 2008-04-14 12:00 18944 -c--a-w- c:\windows\system32\dllcache\cprofile.exe
2010-04-08 12:51 . 2008-04-14 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-04-08 12:51 . 2008-04-14 12:00 7168 -c--a-w- c:\windows\system32\dllcache\bitsprx4.dll
2010-04-08 12:51 . 2008-04-14 12:00 7168 ----a-w- c:\windows\system32\bitsprx4.dll
2010-04-08 12:48 . 2008-04-14 12:00 53248 -c--a-w- c:\windows\system32\dllcache\tsgqec.dll
2010-04-08 12:48 . 2008-04-14 12:00 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-04-08 12:48 . 2008-04-14 12:00 290304 -c--a-w- c:\windows\system32\dllcache\rhttpaa.dll
2010-04-08 12:48 . 2008-04-14 12:00 290304 ----a-w- c:\windows\system32\rhttpaa.dll
2010-04-08 12:48 . 2008-04-14 12:00 136192 -c--a-w- c:\windows\system32\dllcache\aaclient.dll
2010-04-08 12:48 . 2008-04-14 12:00 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-04-08 12:40 . 2008-04-14 12:00 97792 -c--a-w- c:\windows\system32\dllcache\chtmbx.dll
2010-04-08 12:40 . 2008-04-14 12:00 56320 -c--a-w- c:\windows\system32\dllcache\chtskdic.dll
2010-04-08 12:40 . 2008-04-14 12:00 480256 -c--a-w- c:\windows\system32\dllcache\cintsetp.exe
2010-04-08 12:40 . 2008-04-14 12:00 455168 -c--a-w- c:\windows\system32\dllcache\tintsetp.exe
2010-04-08 12:40 . 2008-04-14 12:00 44032 -c--a-w- c:\windows\system32\dllcache\tintlphr.exe
2010-04-08 12:40 . 2008-04-14 12:00 198656 -c--a-w- c:\windows\system32\dllcache\cintime.dll
2010-04-08 12:40 . 2008-04-14 12:00 173568 -c--a-w- c:\windows\system32\dllcache\chtskf.dll
2010-04-08 12:40 . 2008-04-14 12:00 10240 -c--a-w- c:\windows\system32\dllcache\tmigrate.dll
2010-04-08 12:40 . 2008-04-14 12:00 70144 -c--a-w- c:\windows\system32\dllcache\pintlphr.exe
2010-04-08 12:40 . 2008-04-14 12:00 67584 -c--a-w- c:\windows\system32\dllcache\pmigrate.dll
2010-04-08 12:40 . 2008-04-14 12:00 59392 -c--a-w- c:\windows\system32\dllcache\imscinst.exe
2010-04-08 12:39 . 2008-04-14 12:00 10096640 -c--a-w- c:\windows\system32\dllcache\hwxcht.dll
2010-04-08 12:39 . 2008-04-14 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-04-08 12:39 . 2008-04-14 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-04-08 12:39 . 2008-04-14 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-04-08 12:39 . 2008-04-14 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-04-08 11:31 . 2010-04-08 14:35 -------- d-----w- c:\windows\l2schemas
2010-04-08 11:31 . 2010-04-08 13:18 -------- d-----w- c:\windows\system32\cs-cz
2010-04-08 11:31 . 2010-04-08 14:34 -------- d-----w- c:\windows\system32\cs
2010-04-08 11:31 . 2010-04-08 11:33 -------- d-----w- c:\windows\system32\bits
2010-04-08 11:24 . 2008-04-14 12:00 409088 -c--a-w- c:\windows\system32\dllcache\qmgr.dll
2010-04-08 11:24 . 2008-04-14 12:00 409088 ----a-w- c:\windows\system32\qmgr.dll
2010-04-08 11:24 . 2008-04-14 12:00 129792 -c--a-w- c:\windows\system32\dllcache\fltmgr.sys
2010-04-08 11:24 . 2008-04-14 12:00 129792 ----a-w- c:\windows\system32\drivers\fltMgr.sys
2010-04-08 11:22 . 2010-04-08 11:22 -------- d-----w- c:\windows\EHome
2010-04-07 21:02 . 2010-04-07 21:13 -------- d-----w- C:\ZALOHA
2010-04-07 19:44 . 2010-04-07 19:44 0 ----a-w- c:\windows\nsreg.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-08 15:36 . 2005-12-20 08:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-08 13:08 . 2005-12-19 13:06 63084 ----a-w- c:\windows\system32\perfc005.dat
2010-04-08 13:08 . 2005-12-19 13:06 381180 ----a-w- c:\windows\system32\perfh005.dat
2010-04-08 13:06 . 2007-06-18 18:15 -------- d-----w- c:\program files\Google
2010-04-08 12:50 . 2005-12-19 13:18 23640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-07 20:08 . 2008-07-12 20:56 -------- d-----w- c:\program files\ICQToolbar
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-12 65536]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-16 67128]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-24 68856]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-05-28 95800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 344064]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-10-14 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-10-14 688218]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]
"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2005-12-08 352256]
"Tvs"="c:\program files\TOSHIBA\Tvs\TvsTray.exe" [2005-11-30 73728]
"TPSMain"="TPSMain.exe" [2005-08-03 266240]
"NDSTray.exe"="NDSTray.exe" [BU]
"SmoothView"="c:\program files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe" [2005-05-12 118784]
"PadTouch"="c:\program files\TOSHIBA\Touch and Launch\PadExe.exe" [2005-08-30 1077327]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-08-01 122940]
"SSC_UserPrompt"="c:\program files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe" [2005-06-08 218712]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"MMTray"="c:\program files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2005-05-03 135168]
"mmtask"="c:\program files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2005-05-03 53248]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 15473664]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-2-16 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-6-10 450560]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Panasonic Monitor statusu.lnk - c:\program files\Panasonic\Multi-Function Station\StatusMon.exe [2007-4-16 303104]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\TOSHIBA\\ConfigFree\\CFXFER.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 aswsp;aswSP;c:\windows\system32\drivers\aswSP.sys [8.4.2010 17:42 162640]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.4.2010 17:42 19024]
R2 KMDevmonSrv;Multi-Function Station Device Monitor;c:\windows\system32\KMDEVMONSRV.exe [16.4.2007 13:00 24576]
R2 KMsmfpi;KMSMFPI;c:\windows\system32\drivers\KMsmfpi.sys [16.4.2007 13:00 21536]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8.4.2010 15:06 135664]
S2 VECP;VECP;c:\windows\system32\drivers\VECP.SYS [16.4.2007 13:00 40800]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-08 13:06]

2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-08 13:06]

2010-04-08 c:\windows\Tasks\User_Feed_Synchronization-{12864A8E-3B6F-4244-9551-CE6F14A1C6FB}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: google sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: {78ADF170-B552-4DE4-8462-3D981578CC23} = 77.87.236.1,77.87.232.17
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Hanka\Data aplikací\Mozilla\Firefox\Profiles\tcsli1rz.default\
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre1.5.0_04\bin\NPJPI150_04.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-08 21:54
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-747644523-386269518-2239312351-1006\RemoteAccess\Profile\x *]
"EnableAutodisconnect"=dword:00000001
"EnableExitDisconnect"=dword:00000001
"DisconnectIdleTime"=dword:00000014
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3264)
c:\windows\system32\SynTPFcs.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\TPwrCfg.DLL
c:\windows\system32\TPwrReg.dll
c:\windows\system32\TPSTrace.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\KMdevmonx.exe
c:\program files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
c:\program files\Common Files\Symantec Shared\Security Center\SymWSC.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\AGRSMMSG.exe
c:\program files\TOSHIBA\ConfigFree\NDSTray.exe
c:\windows\system32\TPSBattM.exe
c:\progra~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
c:\program files\Common Files\Teleca Shared\CapabilityManager.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\PCSuite\Services\ServiceLayer.exe
c:\progra~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Celkový čas: 2010-04-08 21:58:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-08 19:58

Před spuštěním: Volných bajtů: 46 021 144 576
Po spuštění: Volných bajtů: 46 294 212 608

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - FCCAE28C4A2AB41790142BCD6AC0B433

Pod ostatní výmazy najdete smazané položky. Zbytek logu vypadá čistý.

Ještě jsem zjistil, že přestal fungovat windows update. Dává to nějakou chybu 0x8024D007 a nechce se to aktualizovat.
Restartuji to a nechám projet nějaké skeny. Uvidím co bude.
Určitě to nechám ale až na zítra.
Díky za pomoc.

Nemáte zač. V případě potřeby se ozvěte.