reštartovanie PC + mrznutie PC - podozrenie na vírus

[stell]

Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do nehocelý tex:

Kód: Vybrat vše

KILLALL::
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"TomTomHOME.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=-
"NvCplDaemon"=-
"WinSys2"=-
"NvMediaCenter"=-
"NeroFilterCheck"=-
"TkBellExe"=-
"RemoteControl"=-
"SSBkgdUpdate"=-
"Acrobat Assistant 7.0"=-
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-
"UpdateReminder"=-
Driver::
17135817
DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT2776682
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
Extra::
FireFox::
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\j2hd1ofy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.as ... 1098640&q=
FF - Ext: Skinner: support@fbskinner.com - %profile%\extensions\support@fbskinner.com
FF - Ext: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - %profile%\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
ClearJavaCache::

Potom klik na Subor -> Uložiť ako.. .-> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *]všetky súbory
A ulož ho na plochu> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log

[patricia11]

ako má vypnúť firewall????

[stell]

no nijako, pretoze ty nemas firewall
pokracuj.

[patricia11]

Combofix mi reštartoval PC, nemám ho už v núdzovom režime.
Tu je log


ComboFix 12-07-16.01 - Administrator 16.07.2012 22:06:11.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.578 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
AV: Eset NOD32 Antivirus 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_17135817
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-16 do 2012-07-16 )))))))))))))))))))))))))))))))
.
.
2012-07-16 18:02 . 2012-07-16 18:02 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-07-16 17:55 . 2001-03-13 13:49 140288 ----a-w- c:\windows\system32\Comdlg32.ocx
2012-07-16 17:55 . 2010-09-02 12:25 180736 ----a-w- c:\windows\system32\avaxgrph.dll
2012-07-16 17:55 . 1999-09-30 12:29 61440 ----a-w- c:\windows\system32\gvlib32.dll
2012-07-16 17:55 . 2000-08-04 12:24 397312 ----a-w- c:\windows\system32\avImageX.dll
2012-07-16 17:55 . 2000-07-13 16:07 1830912 ----a-w- c:\windows\system32\ODX.dll
2012-07-16 17:54 . 2012-07-16 17:57 -------- d-----w- c:\program files\Avax Vector ActiveX R1
2012-07-16 13:56 . 2012-07-16 18:13 -------- d-----w- c:\program files\trend micro
2012-07-16 13:56 . 2012-07-16 13:57 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-04-20 385024]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-04 16206848]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-03-31 949376]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 563984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 2178832]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [BU]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-03-07 8425472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Acrobat Speed Launcher.lnk - [N/A]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-11-7 66864]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Plocha\\NetTester.exe"=
"c:\\Program Files\\Boiling Point - Cesta do pekel\\XENUS.EXE"=
"c:\\Program Files\\Red Storm Entertainment\\Ghost Recon\\GhostRecon.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [8.9.2010 17:59 436792]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [31.3.2008 18:32 15424]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 4:09 50704]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [24.6.2010 16:41 92008]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [19.7.2009 9:18 47360]
S2 gupdate1c9bf4da32aed3a;Služba Google Update (gupdate1c9bf4da32aed3a);c:\program files\Google\Update\GoogleUpdate.exe [17.4.2009 13:14 133104]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [17.4.2009 13:14 133104]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-17 11:13]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-17 11:13]
.
2012-07-16 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2011-07-18 20:18]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
LSP: c:\windows\system32\imon.dll
TCP: DhcpNameServer = 217.75.72.11
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\j2hd1ofy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Skinner: support@fbskinner.com - %profile%\extensions\support@fbskinner.com
FF - Ext: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - %profile%\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-16 22:14
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(776)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
- - - - - - - > 'explorer.exe'(8112)
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchTrayHook.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO800u.dll
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\RTHDCPL.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Eset\nod32krn.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Celkový čas: 2012-07-16 22:17:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-16 20:17
ComboFix2.txt 2012-07-16 19:18
.
Před spuštěním: Volných bajtů: 170 899 836 928
Po spuštění: Volných bajtů: 170 875 817 984
.
- - End Of File - - F12423C88F6A1C8F4F602061ACD68222

[stell]

ok,
stiahni na plochu OTM
Podla navodu
http://forum.viry.cz/viewtopic.php?f=11 ... 05#p572105
do laveho okna vloz tento script;
a Klikni na gombik MOVEIT>>log po restarte vloz sem, yes,yes,

Kód: Vybrat vše

:files
autorun.inf /alldrives
autorun.exe /alldrives 
recycler /alldrives
ipconfig /flushdns /c

:Commands
[emptytemp]
[resethosts]
[CreateRestorePoint] 
[emptyflash]
[Reboot]

[patricia11]

All processes killed
========== FILES ==========
autorun.inf not found in C:\
autorun.exe not found in C:\
recycler not found in C:\
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Documents and Settings\Administrator\Plocha\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\Plocha\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 18464446 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 61063564 bytes
->Google Chrome cache emptied: 8061304 bytes
->Flash cache emptied: 1969229 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes

User: Patrícia
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 22804 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 88,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point (0)

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Patrícia

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 07162012_223210

Files moved on Reboot...

Registry entries deleted on Reboot...

[stell]

1:ok, este spustis ESET online scanner, log po skane vloz sem,
http://www.eset.cz/cz/domacnosti/produk ... e-scanner/

2:Po skene spust prikazovy riadok a napis tento prikaz
chkdsk /f/r
Enter.
Suhlasis, yes, ano, restart, a nechas aby chkdsk skontroloval Harddisk.

Napis ci su este problemy, dnes koncim, zajtra pokracujeme.

[patricia11]

Takže urobila som všetky kroky, tak ako ste mi napísali.......
tu je log z RSIT po skene


Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-07-17 08:30:06
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 163 GB (53%) free of 305 GB
Total RAM: 1022 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:30:13, on 17.7.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\JMRaidTool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint - Náhled - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Přidat na seznam k tisku - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint - Tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Vysokorychlostní tisk - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Služba Google Update (gupdate1c9bf4da32aed3a) (gupdate1c9bf4da32aed3a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 10000 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WGASetup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\j2hd1ofy.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk"
prefs.js - "extensions.enabledItems" - "{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, jqs@sun.com:1.0, support@fbskinner.com:1.0, {ecdee021-0d17-467f-a1ff-c7a115230949}:2.5.6.0, engine@conduit.com:3.3.3.2, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8312, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.27"

"searchpredict@speedbit.com"=C:\Program Files\SearchPredict\PRFireFox
"{0329E7D6-6F54-462D-93F6-F5C3118BADF2}"=C:\Program Files\SpeedBit Video Downloader\SPFireFox
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=6.0.12.1739
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
npdevalvr.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npdeploytk.dll
npdevalvr.dll
npnul32.dll
nppdf32.DEU
nppdf32.dll
nppdf32.FRA

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\j2hd1ofy.default\extensions\
engine@conduit.com
support@fbskinner.com
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{ecdee021-0d17-467f-a1ff-c7a115230949}

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\j2hd1ofy.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-34.xml
icqplugin-35.xml
icqplugin-36.xml
icqplugin-37.xml
icqplugin-38.xml
icqplugin-39.xml
icqplugin-4.xml
icqplugin-40.xml
icqplugin-41.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.gif
icqplugin.src
icqplugin.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-09-21 3853984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-21 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-04-20 385024]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-04 16206848]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2008-03-31 949376]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-10-25 563984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe [2007-10-25 2178832]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-03-07 8425472]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Acrobat Speed Launcher.lnk -
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Administrator\Plocha\NetTester.exe"="C:\Documents and Settings\Administrator\Plocha\NetTester.exe:*:Enabled:NetTester"
"C:\Program Files\Boiling Point - Cesta do pekel\XENUS.EXE"="C:\Program Files\Boiling Point - Cesta do pekel\XENUS.EXE:*:Disabled:XENUS"
"C:\Program Files\Red Storm Entertainment\Ghost Recon\GhostRecon.exe"="C:\Program Files\Red Storm Entertainment\Ghost Recon\GhostRecon.exe:*:Disabled:GhostRecon"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-07-16 22:32:35 ----SHD---- C:\RECYCLER
2012-07-16 22:32:10 ----D---- C:\_OTM
2012-07-16 22:17:13 ----A---- C:\ComboFix.txt
2012-07-16 22:12:29 ----D---- C:\WINDOWS\temp
2012-07-16 21:08:39 ----A---- C:\Boot.bak
2012-07-16 21:08:34 ----RASHD---- C:\cmdcons
2012-07-16 21:06:36 ----A---- C:\WINDOWS\zip.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\SWSC.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\SWREG.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\sed.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\PEV.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\NIRCMD.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\MBR.exe
2012-07-16 21:06:36 ----A---- C:\WINDOWS\grep.exe
2012-07-16 21:05:36 ----D---- C:\Qoobox
2012-07-16 21:05:25 ----D---- C:\WINDOWS\erdnt
2012-07-16 20:49:46 ----A---- C:\TDSSKiller.2.7.45.0_16.07.2012_20.49.46_log.txt
2012-07-16 20:35:50 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2012-07-16 20:34:46 ----SHD---- C:\WINDOWS\CSC
2012-07-16 20:02:45 ----A---- C:\WINDOWS\system32\drivers\TrueSight.sys
2012-07-16 19:55:01 ----A---- C:\WINDOWS\system32\gvlib32.dll
2012-07-16 19:55:01 ----A---- C:\WINDOWS\system32\avaxgrph.dll
2012-07-16 19:55:00 ----A---- C:\WINDOWS\system32\ODX.dll
2012-07-16 19:55:00 ----A---- C:\WINDOWS\system32\avImageX.dll
2012-07-16 19:54:54 ----D---- C:\Program Files\Avax Vector ActiveX R1
2012-07-16 15:56:25 ----D---- C:\Program Files\trend micro
2012-07-16 15:56:24 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2012-07-17 08:27:23 ----D---- C:\WINDOWS\Prefetch
2012-07-17 06:38:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-16 22:42:14 ----D---- C:\Program Files\ESET
2012-07-16 22:32:35 ----D---- C:\WINDOWS\system32\drivers\etc
2012-07-16 22:32:35 ----D---- C:\WINDOWS\system32
2012-07-16 22:32:35 ----D---- C:\WINDOWS
2012-07-16 22:17:17 ----D---- C:\WINDOWS\system32\drivers
2012-07-16 22:15:46 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-16 22:14:01 ----A---- C:\WINDOWS\system.ini
2012-07-16 22:12:39 ----D---- C:\WINDOWS\system32\config
2012-07-16 22:12:37 ----A---- C:\WINDOWS\ntbtlog.txt
2012-07-16 22:10:57 ----D---- C:\WINDOWS\AppPatch
2012-07-16 22:10:54 ----D---- C:\Program Files\Common Files
2012-07-16 21:44:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-07-16 21:08:39 ----RASH---- C:\boot.ini
2012-07-16 20:12:06 ----SD---- C:\WINDOWS\Tasks
2012-07-16 19:54:54 ----D---- C:\Program Files
2012-07-16 19:32:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2012-07-16 19:29:34 ----D---- C:\Program Files\Google
2012-07-16 19:29:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2012-07-16 19:29:31 ----SHD---- C:\WINDOWS\Installer
2012-07-16 19:29:17 ----A---- C:\WINDOWS\IE4 Error Log.txt
2012-07-15 11:57:23 ----D---- C:\Program Files\Mozilla Firefox
2012-07-15 10:03:11 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-07-04 13:10:50 ----A---- C:\WINDOWS\NeroDigital.ini
2012-07-03 20:54:07 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 imagedrv;imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [2005-08-15 5888]
R0 imagesrv;imagesrv; C:\WINDOWS\system32\DRIVERS\imagesrv.sys [2005-08-15 127488]
R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-04-20 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2008-08-20 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-31 436792]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2008-03-31 15424]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2008-03-31 512096]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-04 4271616]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-10-11 25624]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-03-07 6704096]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-27 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-06-03 9856]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-04 17024]
S3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2007-10-12 23832]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-10-19 2109976]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
S3 lvpopflt;Logitech POP Suppression Filter; C:\WINDOWS\system32\DRIVERS\lvpopflt.sys [2007-10-12 1920920]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
S3 LVUVC;QuickCam Communicate Deluxe(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2007-10-12 3647384]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-04 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-04 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-04 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-04 15360]
S3 TrueSight;TrueSight; \??\c:\windows\system32\drivers\TrueSight.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;Sony Ericsson USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 25600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-04 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2007-10-19 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2007-10-19 141848]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2008-03-31 552064]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-03-07 163908]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate1c9bf4da32aed3a;Služba Google Update (gupdate1c9bf4da32aed3a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-17 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-08-08 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-17 133104]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

[patricia11]

Tu je log z ESET Online Scanneru (našla som ho v C:\Program Files\ESET\ESET Online Scanner)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=655d7a5eb14f644b9adce91cf5b4a164
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-16 09:26:41
# local_time=2012-07-16 11:26:41 )
# country="Czech Republic"
# lang=1029
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 9122 9122 0 0
# compatibility_mode=8194 67108185 100 100 4114596 135490502 0 0
# scanned=98277
# found=0
# cleaned=0
# scan_time=2445
# nod_component=NOD32MOD_WINNT_SLOVAK_BASE Build:0x11081627
# nod_component=NOD32MOD_WINNT_SLOVAK_INET Build:0x11081627
# nod_component=NOD32MOD_WINNT_SLOVAK_STANDARD Build:0x11081627
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=655d7a5eb14f644b9adce91cf5b4a164
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-16 11:15:34
# local_time=2012-07-17 01:15:34 )
# country="Czech Republic"
# lang=1029
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 15771 15771 0 0
# compatibility_mode=8194 67108185 100 100 4121245 135497151 0 0
# scanned=98279
# found=0
# cleaned=0
# scan_time=2329
# nod_component=NOD32MOD_WINNT_SLOVAK_BASE Build:0x11081627
# nod_component=NOD32MOD_WINNT_SLOVAK_INET Build:0x11081627
# nod_component=NOD32MOD_WINNT_SLOVAK_STANDARD Build:0x11081627

[patricia11]

Poslala som vám ten log z RSIT po skene, pretože mi odvtedy dvakrát zamrzol

[stell]

2x zamrzol? a uz nerestartoavalo??
1:stiahni a spust scan, log vloz sem
http://download.bleepingcomputer.com/farbar/FRST.exe

2:Stiahni a spust
http://www.bleepingcomputer.com/downloa ... box/dl/65/
zafajkni

List last 10 Event Viewer Errors
List Instaled Programs.
List device Only problems
a klik go.
log vloz sem

[patricia11]

log z FRST

Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 16-07-2012 01
Ran by Administrator at 17-07-2012 12:15:44
Running from C:\Documents and Settings\Administrator\Plocha
Service Pack 2 (X86) OS Language: Czech
Attention: Could not load system hive.
Error: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNTION PROPERLY.


============ One Month Created Files and Folders ==============

2012-07-17 12:15 - 2012-07-17 12:15 - 00000000 ____D C:\FRST
2012-07-16 22:32 - 2012-07-16 22:32 - 00000000 ____D C:\_OTM
2012-07-16 22:17 - 2012-07-16 22:17 - 00010945 ____A C:\ComboFix.txt
2012-07-16 22:12 - 2012-07-16 22:12 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2012-07-16 21:08 - 2012-07-16 21:08 - 00000000 RASHD C:\cmdcons
2012-07-16 21:08 - 2011-07-18 22:30 - 00000211 ____A C:\Boot.bak
2012-07-16 21:08 - 2004-08-03 23:00 - 00261312 _RASH C:\cmldr
2012-07-16 21:06 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2012-07-16 21:06 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2012-07-16 21:06 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-07-16 21:06 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-07-16 21:06 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-07-16 21:06 - 2000-08-31 02:00 - 00212480 ____A (SteelWerX) C:\Windows\SWXCACLS.exe
2012-07-16 21:06 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2012-07-16 21:06 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2012-07-16 21:06 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2012-07-16 21:05 - 2012-07-16 22:17 - 00000000 ____D C:\Qoobox
2012-07-16 21:05 - 2012-07-16 22:12 - 00000000 ____D C:\Windows\erdnt
2012-07-16 20:35 - 2012-07-16 22:08 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2012-07-16 20:34 - 2012-07-16 21:47 - 00000000 __SHD C:\Windows\CSC
2012-07-16 20:02 - 2012-07-16 20:02 - 00014080 ____A C:\Windows\System32\Drivers\TrueSight.sys
2012-07-16 19:55 - 2010-09-02 14:25 - 00180736 ____A C:\Windows\System32\avaxgrph.dll
2012-07-16 19:55 - 2004-02-17 01:00 - 00002494 ____A C:\Windows\System32\Mscomct2.DEP
2012-07-16 19:55 - 2001-03-13 15:49 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\Comdlg32.ocx
2012-07-16 19:55 - 2000-08-04 14:24 - 00397312 ____A C:\Windows\System32\avImageX.dll
2012-07-16 19:55 - 2000-08-02 01:00 - 00002494 ____A C:\Windows\System32\Mscomctl.DEP
2012-07-16 19:55 - 2000-07-13 18:07 - 01830912 ____A () C:\Windows\System32\ODX.dll
2012-07-16 19:55 - 1999-09-30 14:29 - 00061440 ____A C:\Windows\System32\gvlib32.dll
2012-07-16 19:55 - 1999-06-03 01:00 - 00002494 ____A C:\Windows\System32\Comdlg32.DEP
2012-07-16 19:55 - 1998-06-14 01:00 - 00002495 ____A C:\Windows\System32\COMCT232.DEP
2012-07-16 19:54 - 2012-07-16 19:57 - 00000000 ____D C:\Program Files\Avax Vector ActiveX R1
2012-07-16 15:56 - 2012-07-17 08:30 - 00000000 ____D C:\Program Files\trend micro
2012-07-16 15:56 - 2012-07-16 15:57 - 00000000 ____D C:\rsit

============ 3 Months Modified Files ========================

2012-07-17 12:13 - 2011-07-18 13:02 - 00000260 ____A C:\Windows\Tasks\WGASetup.job
2012-07-17 12:04 - 2007-06-01 18:21 - 00000159 ____A C:\Windows\wiadebug.log
2012-07-17 12:04 - 2007-06-01 18:21 - 00000049 ____A C:\Windows\wiaservc.log
2012-07-17 12:03 - 2009-07-01 16:48 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-07-17 12:03 - 2008-11-07 21:28 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2012-07-17 12:03 - 2008-11-07 21:28 - 00000000 ____A C:\Windows\System32\Drivers\logiflt.iad
2012-07-17 12:03 - 2007-06-01 16:45 - 00000062 __ASH C:\Documents and Settings\LocalService\Local Settings\desktop.ini
2012-07-17 12:03 - 2007-06-01 16:45 - 00000062 __ASH C:\Documents and Settings\Administrator\Local Settings\desktop.ini
2012-07-17 12:03 - 2007-06-01 16:45 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-07-17 12:03 - 2007-06-01 16:40 - 00000062 __ASH C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
2012-07-17 08:54 - 2007-06-01 16:45 - 00032396 ____A C:\Windows\SchedLgU.Txt
2012-07-17 08:54 - 2007-06-01 16:36 - 01098487 ____A C:\Windows\WindowsUpdate.log
2012-07-17 05:50 - 2009-07-01 16:48 - 00000940 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-07-16 22:17 - 2012-07-16 22:17 - 00010945 ____A C:\ComboFix.txt
2012-07-16 22:14 - 2001-10-25 14:00 - 00000227 ____A C:\Windows\system.ini
2012-07-16 22:12 - 2012-07-16 22:12 - 00008192 ___AH C:\Windows\System32\config\SECURITY.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\system.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\software.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\SAM.tmp.LOG
2012-07-16 22:12 - 2012-07-16 22:12 - 00000000 ___AH C:\Windows\System32\config\default.tmp.LOG
2012-07-16 22:12 - 2007-06-01 18:17 - 00262144 ____A C:\Windows\System32\config\SECURITY.bak
2012-07-16 22:12 - 2007-06-01 18:17 - 00024576 ____A C:\Windows\System32\config\SAM.bak
2012-07-16 22:12 - 2007-06-01 18:16 - 23855104 ____A C:\Windows\System32\config\software.bak
2012-07-16 22:12 - 2007-06-01 18:16 - 06029312 ____A C:\Windows\System32\config\system.bak
2012-07-16 22:12 - 2007-06-01 18:16 - 00262144 ____A C:\Windows\System32\config\default.bak
2012-07-16 22:12 - 2007-06-01 16:45 - 00000272 ___SH C:\Documents and Settings\Administrator\ntuser.ini
2012-07-16 22:08 - 2012-07-16 20:35 - 00000664 ____A C:\Windows\System32\d3d9caps.dat
2012-07-16 21:44 - 2007-06-01 18:18 - 00723342 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-16 21:08 - 2007-06-01 18:16 - 00000327 _RASH C:\boot.ini
2012-07-16 20:02 - 2012-07-16 20:02 - 00014080 ____A C:\Windows\System32\Drivers\TrueSight.sys
2012-07-16 17:03 - 2007-06-01 17:06 - 00000053 ____A C:\biosinfo
2012-07-16 10:46 - 2001-10-25 14:00 - 00002206 ____A C:\Windows\System32\wpa.dbl
2012-07-04 13:10 - 2007-06-01 18:01 - 00000116 ____A C:\Windows\NeroDigital.ini
2012-06-25 15:37 - 2011-07-17 09:59 - 00138873 ____A C:\Windows\setupapi.log

========================= Bamital & volsnap Check ============

C:\Windows\explorer.exe
[2004-08-17 16:49] - [2004-08-17 16:49] - 1032704 ____A (Microsoft Corporation) 53114d57ab73a406ac7f602227781a99

C:\Windows\System32\winlogon.exe
[2004-08-17 16:49] - [2004-08-17 16:49] - 0502272 ____A (Microsoft Corporation) 221c29ae1b4cc61d11d8b27de78b2307

C:\Windows\System32\svchost.exe
[2004-08-17 16:49] - [2004-08-17 16:49] - 0014336 ____A (Microsoft Corporation) dfba2915b0bf58abb288cd4c9318cb3f

C:\Windows\System32\services.exe
[2004-08-17 16:49] - [2009-02-09 12:11] - 0111104 ____A (Microsoft Corporation) 4f9f7b567970b524f31d9970a23f7c24

C:\Windows\System32\User32.dll
[2004-08-17 16:49] - [2004-08-17 16:49] - 0577024 ____A (Microsoft Corporation) 1b4ccc59980da34e75f20e42b283b027

C:\Windows\System32\userinit.exe
[2004-08-17 16:49] - [2004-08-17 16:49] - 0024576 ____A (Microsoft Corporation) 836f7960362ff95c5d49e40b891f2cfc

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 16:44] - [2004-08-17 16:44] - 0052480 ____A (Microsoft Corporation) cd8cce067f7e9cbd762c00bdddecaa34


==================== Restore Points (XP) =====================

RP: -> 2012-07-16 22:32 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP936

RP: -> 2012-07-16 11:29 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP935

RP: -> 2012-07-15 10:20 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP934

RP: -> 2012-07-12 21:30 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP933

RP: -> 2012-07-11 20:02 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP932

RP: -> 2012-07-10 12:38 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP931

RP: -> 2012-07-09 12:14 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP930

RP: -> 2012-07-08 11:36 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP929

RP: -> 2012-07-06 18:28 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP928

RP: -> 2012-07-05 13:28 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP927

RP: -> 2012-07-04 12:31 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP926

RP: -> 2012-07-02 10:39 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP925

RP: -> 2012-06-30 12:27 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP924

RP: -> 2012-06-28 20:27 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP923

RP: -> 2012-06-26 17:10 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP922

RP: -> 2012-06-25 16:50 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP921

RP: -> 2012-06-24 12:08 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP920

RP: -> 2012-06-21 21:50 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP919

RP: -> 2012-06-20 17:09 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP918

RP: -> 2012-06-18 16:38 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP917

RP: -> 2012-06-17 12:43 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP916

RP: -> 2012-06-16 12:37 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP915

RP: -> 2012-06-14 18:57 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP914

RP: -> 2012-06-13 08:04 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP913

RP: -> 2012-06-11 15:27 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP912

RP: -> 2012-06-08 15:32 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP911

RP: -> 2012-06-05 15:37 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP910

RP: -> 2012-05-31 19:32 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP909

RP: -> 2012-05-29 19:53 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP908

RP: -> 2012-05-28 19:48 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP907

RP: -> 2012-05-26 20:58 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP906

RP: -> 2012-05-25 18:32 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP905

RP: -> 2012-05-24 17:44 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP904

RP: -> 2012-05-22 19:28 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP903

RP: -> 2012-05-21 18:31 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP902

RP: -> 2012-05-20 11:05 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP901

RP: -> 2012-05-19 10:34 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP900

RP: -> 2012-05-18 07:51 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP899

RP: -> 2012-05-16 19:01 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP898

RP: -> 2012-05-13 12:21 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP897

RP: -> 2012-05-12 11:38 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP896

RP: -> 2012-05-10 18:24 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP895

RP: -> 2012-05-08 12:36 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP894

RP: -> 2012-05-07 12:15 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP893

RP: -> 2012-05-05 12:33 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP892

RP: -> 2012-05-02 21:25 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP891

RP: -> 2012-05-01 11:09 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP890

RP: -> 2012-04-29 12:05 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP889

RP: -> 2012-04-28 10:21 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP888

RP: -> 2012-04-26 19:49 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP887

RP: -> 2012-04-25 19:35 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP886

RP: -> 2012-04-24 19:04 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP885

RP: -> 2012-04-23 18:55 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP884

RP: -> 2012-04-22 12:39 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP883

RP: -> 2012-04-20 19:57 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP882

RP: -> 2012-04-19 19:29 - 024576 _restore{AA7D1794-595F-4164-8673-96E93923CCFA}\RP881


========================= Memory info ======================

Percentage of memory in use: 54%
Total physical RAM: 1022.41 MB
Available physical RAM: 469.02 MB
Total Pagefile: 2458.55 MB
Available Pagefile: 1997.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 2003.89 MB

======================= Partitions =========================

2 Drive c: () (Fixed) (Total:298.08 GB) (Free:159.08 GB) NTFS ==>[Drive with boot components (Windows XP)]

V poźˇtaźi: PUR-E722624FA40
Disk ### Stav Velikost Voln‚ Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Probˇh  ukonźenˇ programu DiskPart...

Partitions of Disk 0:
===============

V poźˇtaźi: PUR-E722624FA40
Nynˇ je vybr n disk 0.
Oddˇl ### Typ Velikost Posunutˇ
------------- ---------------- ------- -------
Oddˇl 1 Prim rnˇ 298 GB 32 KB
Probˇh  ukonźenˇ programu DiskPart...

==================================================================================
======================= End Of Log ==========================

[patricia11]

log z MiniToolbox

MiniToolBox by Farbar Version: 15-07-2012
Ran by Administrator (administrator) on 17-07-2012 at 12:18:17
Systém Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/16/2012 08:43:03 PM) (Source: crypt32) (User: )
Description: Načtení automatické aktualizace pořadového čísla kořenového seznamu jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt> se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error: (07/16/2012 07:29:16 PM) (Source: Application Error) (User: )
Description: Chybující aplikace iexplore.exe, verze 6.0.2900.2180, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x022e5a30.
Zpracování události, specifické pro médium ([iexplore.exe!ws!])

Error: (07/10/2012 10:49:47 AM) (Source: PerfNet) (User: )
Description: Nelze otevřít službu serveru. Data o výkonu serveru nejsou
k dispozici. Vrácený chybový kód je v datech DWORD 0.


System errors:
=============
Error: (07/17/2012 00:03:47 PM) (Source: Dhcp) (User: )
Description: Zapůjčení adresy IP 192.168.100.104 pro síťovou kartu s adresou 0019DB2084CF byla
serverem DHCP 192.168.100.99 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba TomTomHOMEService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba NOD32 Kernel Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba LVCOMSer byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/16/2012 10:32:10 PM) (Source: Service Control Manager) (User: )
Description: Služba Process Monitor byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/16/2012 10:12:41 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu %%1084 při pokusu o spuštění služby EventSystem s argumenty
za účelem spuštění serveru:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/16/2012 10:04:14 PM) (Source: DCOM) (User: PUR-E722624FA40)
Description: Služba DCOM zjistila chybu %%1084 při pokusu o spuštění služby StiSvc s argumenty
za účelem spuštění serveru:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}


Microsoft Office Sessions:
=========================
Error: (07/16/2012 08:43:03 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/m ... eq.txtDaná operace se vrátila, protože vypršel časový limit.

Error: (07/16/2012 07:29:16 PM) (Source: Application Error)(User: )
Description: iexplore.exe6.0.2900.2180unknown0.0.0.0022e5a30

Error: (07/10/2012 10:49:47 AM) (Source: PerfNet)(User: )
Description:


=========================== Installed Programs ============================

AbiWord 2.7.7 (Version: 2.7.7)
ACDSee 6.0 PowerPack (Version: 6.0.0)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (Version: 7.0.0)
Adobe Flash Player 10 Plugin (Version: 10.3.181.34)
Adobe Reader 9.1 - Czech (Version: 9.1.0)
Aktualizace systému Windows XP (KB898461) (Version: 1)
Aktualizace systému Windows XP (KB955759) (Version: 1)
Aktualizace systému Windows XP (KB967715) (Version: 1)
Aktualizace systému Windows XP (KB968389) (Version: 1)
Aktualizace systému Windows XP (KB973687) (Version: 1)
Aktualizace systému Windows XP (KB973815) (Version: 1)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)
Aktualizace zabezpečení produktu Windows XP (KB941569)
Aktualizace zabezpečení systému Windows XP (KB2229593) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB923561) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB944338-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB946648) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB950762) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB950974) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB951376-v2) (Version: 2)
Aktualizace zabezpečení systému Windows XP (KB951748) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB952004) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB952954) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB955069) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956572) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956803) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB956844) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958470) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958644) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB958869) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB959426) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB960803) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB960859) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB961501) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB969059) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB970238) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971032) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971468) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971657) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB971961) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB972270) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973507) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973869) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB973904) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974112) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974318) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974392) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB974571) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975025) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975467) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975560) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975561) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB975562) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB977816) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB977914) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978037) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978338) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978542) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978601) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB978706) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979309) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979482) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979559) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB979683) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980195) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980218) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB980232) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB981350) (Version: 1)
Aktualizace zabezpečení systému Windows XP (KB982381) (Version: 1)
Antivírusový systém NOD32
ArcSoft PhotoStudio 5.5
Avax Vector ActiveX R1
Boiling Point - Cesta do pekel
BSPlayer
Canon MP Navigator 3.0
Canon Utilities Easy-PhotoPrint
Codec Pack - All In 1 6.0.3.0
Conduit Engine (Version: 6.3.3.3)
ConvertXtoDVD 4.1.19.365 (Version: 4.1.19.365)
DevalVR plugin for Netscape and compatible browsers
Easy-WebPrint
ESET Online Scanner v3
Facebook Plug-In
Ghost Recon
Gimp 2.6.1
Google Earth (Version: 4.2.205.5730)
Google Earth (Version: 4.3.7284.3916)
Google Chrome (Version: 20.0.1132.57)
Google Update Helper (Version: 1.3.21.111)
HD Tune 2.55
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
Inkscape 0.46 (Version: 0.46)
iQ-VIEW 2.5.0.47 (Version: 2.5.0.47)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.5.1)
Java(TM) 6 Update 26 (Version: 6.0.260)
JRAID (Version: 1.00.0000)
Lingea Lexicon 2000
Logitech Desktop Messenger (Version: 2.54.11)
Logitech QuickCam (Version: 11.50.1169)
Logitech QuickCam Driver Package
MathType 5 (Version: 5.2)
MicroDicom 0.1.5 (Version: 0.1.5)
Microsoft CART Precision Racing Trial
Microsoft Office Professional Edition 2003 (Version: 11.0.5614.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Mozilla Firefox (3.6.27) (Version: 3.6.27 (cs))
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
Nero 7 Premium (Version: 7.01.0735)
NVIDIA Drivers
Oprava Hotfix systému Windows XP (KB935448) (Version: 1)
Oprava Hotfix systému Windows XP (KB952287) (Version: 1)
Oprava Hotfix systému Windows XP (KB981793) (Version: 1)
Oprava Hotfix systému Windows XP číslo KB885884 (Version: 20040924.025457)
Origin 6.0
PowerDVD
RadLight 4.0 FINAL (Version: FINAL)
RealPlayer
Realtek High Definition Audio Driver
Recuva (Version: 1.39)
Registrace uživatele zařízení Canon MP460
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Skype Click to Call (Version: 5.6.8312)
Skype™ 5.5 (Version: 5.5.119)
TomTom HOME 2.7.5.2014 (Version: 2.7.5.2014)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Total Commander (Remove or Repair)
VideoLAN VLC media player 0.8.6h (Version: 0.8.6h)
WebFldrs XP (Version: 9.50.7523)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
WinPcap 4.1.1 (Version: 4.1.0.1753)
WinRAR

========================= Devices: ================================


**** End of log ****

[patricia11]

Zatiaľ ho nereštartovalo, len dvakrát zamrzol pri písaní správy v tomto fóre......

[stell]

1:Podla tohto navodu od kolegu odinstaluj combofix a vycisti pocitac, pouzit vsetky nastroje co su tam uvedene,
http://forum.viry.cz/viewtopic.php?f=13 ... 6#p1129021

2:Doinstaluj ServicePack 3
http://windows.microsoft.com/cs-CZ/wind ... pack-3-sp3

3:Ak to budes mat hotove napis .