Prosím o RADU

[holvyy]

Zdravím,
jak se to stalo nestalo dlouho jsem pomoci nepotřeboval,ale asi ji potřebuji nejak semi to nezdá.Zasílám log.Logfile of random's system information tool 1.08 (written by random/random)
Run by Bohuslav at 2010-08-03 15:29:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (38%) free of 76 GB
Total RAM: 767 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:31:49, on 3.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Seznam.cz\postak.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\TuneUp Utilities 2010\OneClick.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Bohuslav\Plocha\RSIT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Bohuslav.exe
C:\WINDOWS\system32\taskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.200.221:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O2 - BHO: Burn4Free Toolbar Helper - {D187A56B-A33F-4CBE-9D77-459FC0BAE012} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\core.2.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll
O3 - Toolbar: Burn4Free Toolbar - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_1.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: updpxe32.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\PROGRA~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pilsfree.czf
O17 - HKLM\Software\..\Telephony: DomainName = pilsfree.czf
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pilsfree.czf
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pilsfree.czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = pilsfree.czf
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = pilsfree.czf
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: msisnwcf.dll confcon.dll constat.dll,
O20 - Winlogon Notify: conmgr - conmgr32.dll (file missing)
O20 - Winlogon Notify: lprmneth - C:\WINDOWS\system32\lprmneth.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 12014 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2004-11-17 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyA1.dll [2010-06-07 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D187A56B-A33F-4CBE-9D77-459FC0BAE012}]
Burn4Free Toolbar Helper - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll [2010-03-20 815104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-17 848376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-03-01 1107608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-06-07 2515552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2004-11-17 360448]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyA1.dll [2010-06-07 2515552]
{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - Burn4Free Toolbar - C:\Program Files\Burn4Free Toolbar\v3.3.0.3\Burn4Free_Toolbar.dll [2010-03-20 815104]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_1.dll [2010-06-07 2515552]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-17 848376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-03-17 2166784]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-10-31 185872]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2010-04-07 79360]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-03-01 451224]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-03-17 3037696]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-03-25 2924544]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

C:\Documents and Settings\Bohuslav\Nabídka Start\Programy\Po spuštění
updpxe32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" msisnwcf.dll confcon.dll constat.dll,"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\conmgr]
conmgr32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\lprmneth]
C:\WINDOWS\system32\lprmneth.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli
scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe"="C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe:*:Enabled:WF LiveUpdate Application"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\Bohuslav\Plocha\Skype.exe"="C:\Documents and Settings\Bohuslav\Plocha\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-03 15:29:10 ----D---- C:\Program Files\trend micro
2010-08-03 15:29:03 ----D---- C:\rsit
2010-08-03 03:50:28 ----A---- C:\WINDOWS\system32\drivers\lbrtfdc.sys
2010-08-03 03:50:18 ----A---- C:\WINDOWS\system32\drivers\i2omgmt.sys
2010-08-03 03:50:10 ----A---- C:\WINDOWS\system32\drivers\changer.sys
2010-08-03 03:49:35 ----A---- C:\WINDOWS\system32\drivers\sdljptvc.sys
2010-07-15 16:14:16 ----D---- C:\Program Files\Common Files\Skype
2010-07-13 18:30:14 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2010-07-13 18:29:16 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-07-13 18:21:17 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-13 18:21:03 ----D---- C:\Program Files\Common Files\Nokia
2010-07-13 18:18:59 ----D---- C:\Program Files\DIFX
2010-07-13 18:18:57 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-07-13 18:18:41 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-13 18:18:27 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-07-13 18:18:24 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-07-13 18:18:23 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-07-13 18:18:23 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-07-13 18:18:23 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-07-10 13:40:27 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Inbox Toolbar
2010-07-10 13:40:25 ----D---- C:\Program Files\Inbox Toolbar

======List of files/folders modified in the last 1 months======

2010-08-03 15:29:24 ----D---- C:\WINDOWS\Prefetch
2010-08-03 15:29:10 ----RD---- C:\Program Files
2010-08-03 14:36:15 ----D---- C:\WINDOWS\Temp
2010-08-03 14:36:15 ----D---- C:\WINDOWS
2010-08-03 08:45:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-03 08:45:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-03 05:50:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-08-03 03:55:16 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Spyware Terminator
2010-08-03 03:52:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-03 03:52:09 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 03:50:14 ----D---- C:\Program Files\DScaler
2010-08-03 03:49:32 ----D---- C:\WINDOWS\system32
2010-08-03 03:45:36 ----A---- C:\WINDOWS\TRNCOM.INI
2010-08-03 01:16:49 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Vso
2010-08-02 19:45:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-02 14:06:58 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Skype
2010-08-02 12:33:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-08-01 23:10:17 ----A---- C:\WINDOWS\system32\Dvbpws.dll
2010-08-01 22:32:51 ----D---- C:\WinFast WorkArea
2010-07-31 04:34:42 ----D---- C:\Program Files\Spyware Terminator
2010-07-28 14:18:52 ----RASH---- C:\boot.ini
2010-07-28 13:31:19 ----SHD---- C:\WINDOWS\Installer
2010-07-28 13:31:18 ----D---- C:\Program Files\Ask.com
2010-07-28 13:31:17 ----SD---- C:\WINDOWS\Tasks
2010-07-27 22:10:00 ----SD---- C:\Documents and Settings\Bohuslav\Data aplikací\Microsoft
2010-07-27 13:11:16 ----A---- C:\WINDOWS\cdplayer.ini
2010-07-27 12:33:19 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-07-25 08:13:24 ----D---- C:\Program Files\Mozilla Firefox
2010-07-19 18:32:22 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\ICQ
2010-07-15 16:14:16 ----D---- C:\Program Files\Common Files
2010-07-15 16:13:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-07-15 16:13:26 ----D---- C:\Program Files\Skype
2010-07-13 18:30:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-07-13 18:30:29 ----HD---- C:\WINDOWS\inf
2010-07-13 18:30:07 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Nokia
2010-07-13 18:29:58 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-13 18:29:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-07-13 18:21:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-13 18:21:06 ----D---- C:\Program Files\Nokia
2010-07-13 18:18:57 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-13 18:16:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-07-13 05:03:15 ----D---- C:\Program Files\Burn4Free
2010-07-07 17:35:20 ----D---- C:\Program Files\ICQ7.1

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2006-08-25 36528]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-08-27 685816]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 59776]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 9600]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 EL90X;3Com EtherLink XL 90X Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xnd5.sys [2001-10-24 153631]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-01 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\Bohuslav\LOCALS~1\Temp\ASFWHide []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hcwPVRP2;Hauppauge WinTV-PVR PCI II (Encoder-16); C:\WINDOWS\system32\DRIVERS\hcwPVRP2.sys [2005-09-15 824512]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-10-25 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20050610.011\symidsco.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbser;USB Modem Driver; C:\WINDOWS\System32\DRIVERS\usbser.sys [2008-04-14 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-04-14 14432]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2006-11-10 99936]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-03-17 488960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-21 153376]
S2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2004-05-17 184320]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-03-30 435016]

-----------------EOF-----------------

[motji]

Dobrý večer

Copak se Vám nepozdává?

Odinstalujte všechny toolbary, které nepoužíváte
MyAshampoo Toolbar
Burn4Free Toolbar Helper
Inbox Toolbar


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

[holvyy]

Dobrý večer,
mam pochybnost -Avast našel vir a nedokázal ho odstranit opravit anebo uložit.Použil jsem antivir v modrém balení po restartu
po skončení se sám restartoval a již nenaběhl.Ani v nouzovém režimu až po posle.konf.funk.Windows (...)
Jinak po registraci na Viry..Cclaner užívám již pres 2 roky.Teť jdu na provedení Vašich rad.Zatim..

[motji]

V jakém souboru Avast vir našel?

[holvyy]

Vše provedeno dle rad.jsem zvědáv jestli to bude ok.Kdyby nebylo písnu zatím děkuji

[motji]

V jakém souboru Avast vir našel?

To je dost důležité, byla bych ráda, kdyby jste se podíval do virové truhly avastu

[holvyy]

Win32:Bubnix-H[Rtk]/10x naleyen +Win32:[Crzp]/jednou

[motji]

V jakých souborech?

[holvyy]

Neumím přenést/kopírovat vir. truhlu de to?

[motji]

Dejte screen

[holvyy]

1.C:WINDOWS\system32\drivers -hodně krát
2.C

[motji]

jejdanánku , já vím že jsem hrozně otravná,ale potřebuju přímo názvy těch souborů .
Pokud Vám nechtěl počítač naběhnout, musel antivir dát do karantény něco systémového.

Nebudu Vás dále trápit, pustíme tam combofix a uvidíme, jestli tam něco zbylo.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[holvyy]

trval víc a zapoměl jsem vypnout wind.firewal zdeComboFix 10-08-03.01 - Bohuslav 04.08.2010 0:04.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.392 [GMT 2:00]
Spuštěný z: c:\documents and settings\Bohuslav\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *disabled* {CB8DE467-2367-41d1-87BA-D0AE12284F9A}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\INSTALL.LOG
c:\windows\system32\Dvbpws.dll
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-03 do 2010-08-03 )))))))))))))))))))))))))))))))
.

2010-08-03 13:29 . 2010-08-03 13:31 -------- d-----w- c:\program files\trend micro
2010-08-03 13:29 . 2010-08-03 13:33 -------- d-----w- C:\rsit
2010-08-03 01:50 . 2008-04-13 22:10 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-08-03 01:50 . 2008-04-13 22:10 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-08-03 01:50 . 2008-04-13 22:11 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-08-03 01:50 . 2008-04-13 22:11 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-08-03 01:50 . 2008-04-13 22:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-08-03 01:50 . 2008-04-13 22:11 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-08-03 01:49 . 2010-08-03 08:12 0 ----a-w- c:\windows\system32\drivers\sdljptvc.sys
2010-07-15 14:14 . 2010-07-15 14:14 -------- d-----w- c:\program files\Common Files\Skype
2010-07-13 16:21 . 2010-07-13 16:21 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-13 16:21 . 2010-07-13 16:21 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-13 16:18 . 2010-07-13 16:18 -------- d-----w- c:\program files\DIFX
2010-07-13 16:18 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-13 16:18 . 2010-07-13 16:18 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-13 16:18 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-07-13 16:18 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-07-13 16:18 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-07-13 16:18 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-07-13 16:18 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 01:50 . 2010-06-07 14:29 -------- d-----w- c:\program files\DScaler
2010-08-02 17:45 . 2001-10-25 12:00 47410 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 17:45 . 2001-10-25 12:00 312606 ----a-w- c:\windows\system32\perfh005.dat
2010-07-31 02:34 . 2010-03-17 16:15 -------- d-----w- c:\program files\Spyware Terminator
2010-07-28 11:31 . 2010-03-20 03:17 -------- d-----w- c:\program files\Ask.com
2010-07-27 10:33 . 2010-03-29 22:08 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-15 14:13 . 2005-09-15 19:28 -------- d-----w- c:\program files\Skype
2010-07-13 16:30 . 2010-07-13 16:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-07-13 16:30 . 2010-07-13 16:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-07-13 16:29 . 2010-07-13 16:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-13 16:29 . 2010-07-13 16:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-13 16:21 . 2008-02-12 00:01 -------- d-----w- c:\program files\Nokia
2010-07-13 03:03 . 2010-03-20 03:45 -------- d-----w- c:\program files\Burn4Free
2010-07-12 03:19 . 2010-07-12 03:19 113322 ----a-w- c:\program files\_JPOD, 6. dub 1931.sav
2010-07-07 15:35 . 2010-03-25 09:14 -------- d-----w- c:\program files\ICQ7.1
2010-07-01 14:05 . 2007-12-09 15:24 -------- d-----w- c:\program files\GRETECH
2010-06-28 20:57 . 2010-06-29 06:07 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2010-04-28 13:25 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-28 13:25 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-28 13:25 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-28 13:25 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-28 13:25 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-04-28 13:25 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-04-28 13:25 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-04-28 13:25 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-24 15:25 . 2004-04-01 20:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-06-23 14:48 . 2010-06-23 14:47 -------- d-----w- c:\program files\WinFast
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Windows Sidebar
2010-06-23 14:41 . 2010-06-23 14:41 -------- d-----w- c:\program files\Leadtek Research Inc
2010-06-23 14:08 . 2010-06-07 13:21 -------- d-----w- c:\program files\Driver Genius
2010-06-23 13:50 . 2010-06-23 13:50 -------- d-----w- c:\program files\win fst
2010-06-23 13:36 . 2010-06-07 13:58 -------- d-----w- c:\program files\ChrisTV PVR
2010-06-14 15:47 . 2010-06-13 20:29 -------- d-----w- c:\program files\LifeView MVP
2010-06-13 18:10 . 2006-01-24 17:45 -------- d-----w- c:\program files\CCleaner
2010-06-12 19:55 . 2010-03-01 17:20 -------- d-----w- c:\program files\Ashampoo
2010-06-08 10:08 . 2010-06-08 10:08 -------- d-----w- c:\program files\Common Files\NacreWare
2010-06-08 10:08 . 2010-06-08 10:08 -------- d-----w- c:\program files\AMC2000
2010-06-07 14:02 . 2010-05-05 10:16 4456 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-07 14:00 . 2010-04-21 12:02 -------- d-----w- c:\program files\BS_Player
2010-06-07 13:17 . 2010-06-07 13:17 -------- d-----w- c:\program files\ATI Technologies
2008-08-18 08:55 . 2008-08-18 08:55 148766 ----a-w- c:\program files\PC Tools Firewall Plus_40045_cz.exe
2008-08-18 08:37 . 2008-08-18 08:37 2405 ----a-w- c:\program files\Přečti si!.txt
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-06-07 14:00 2515552 ----a-w- c:\program files\BS_Player\tbBS_1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-03-17 3037696]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-03-25 2924544]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-03-17 2166784]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-31 185872]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-04-07 79360]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Bohuslav\Nabˇdka Start\Programy\Po spuçtŘnˇ\
updpxe32.exe [2008-4-14 32256]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" silent loginmode=4
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SoundMan"=SOUNDMAN.EXE
"WinampAgent"=c:\program files\Winamp\winampa.exe
"DTVRemote"="c:\program files\LifeView MVP\RemoteControl.exe"
"ChrisTV Agent"="c:\program files\ChrisTV PVR\ChrisTV_Agent.exe" /SILENT

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\LiveUpdate\\LiveUpdate.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Bohuslav\\Plocha\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28.4.2010 15:25 165456]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [17.3.2010 18:15 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28.4.2010 15:25 17744]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [23.6.2010 16:41 59776]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [23.6.2010 16:41 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [23.6.2010 16:41 9600]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25.2.2010 10:18 10064]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.8.2007 22:37 685816]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
utvmhdnl

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9CD2822B-5E90-0FD3-7957-4DAA46499ED8}]
2010-04-08 08:58 3131655 ----a-w- c:\program files\windfcyg\windfcyg.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
uInternet Settings,ProxyServer = 192.168.200.221:3128
IE: &ICQ Toolbar Search - c:\progra~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://portal.mpsv.cz/sz/obcane/vmjedno
FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=sf&tmpl=11&tbid=80096&language=cs&qkw=
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Notify-conmgr - conmgr32.dll
Notify-lprmneth - c:\windows\system32\lprmneth.dll
SafeBoot-WudfPf
SafeBoot-WudfRd



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-04 00:14
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\documents and settings\Bohuslav\Nabídka Start\Programy\Po spuštění\updpxe32.exe 32256 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\Bohuslav\LOCALS~1\Temp\ASFWHide"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG06.00.00.01WORKSTATION"="BEDF0E162D592E52B7BAEC663700D6CC162A0B998B7A3A05471626057DE6BF7A1F7FCC5C48F133D3934FD843F437292DC3433D6109AAB1FD52E1A112079E5E888C014FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808FEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D140700F9F580EE9F7A3F509BB07F5125FBB180A42937C0B26B9F8A1A02A1A309A0A413872200E3F2285D9B7BB1595FEEC2CCB7D8A957E9A7011FD7F8F360E03868AFA89B16944ECBA769F4A7718F997FDE75A9B815FB4C2178315904157763308C00590683492FBED5686E05E1E7CB913E7A035D3BC71E9FEF9372A8BB06E8577D64E629E15AEE3597D1420ABB5BA532D5A394743892F6768CF7AE6A7FE29464B018337CEABAD8EED113CAC4F99A3CC69DA7543E65E8D54EF6843BDEBE15EB642250458A9C8E1CFB708A08D45A0787048FB5DB90E3881AA2DCD26A301A59DA39CCB24773B9AF4C42608C9DEEE0B66575ABEBE55618E58BC16D72311DF5A0AE96355C09EA472B617C96E1545BD4F514F9F663D389AAA9D2515EE3AAF6FB0E98865E59FDB7904435B688C418F541C138C3F8212BBD062C7C48671E14A5997CB164522FBAB5A3EE0855B068F7AE74CD5BDABBA49498DB017AF2460BCFA18076F26220D4FB5251D47E0C8E6DA90A037E6A9850DDDD519F6821703B87E37AA4BDBA84D8332193B0541EE4236E82A0C270B3ACCA3276B60ADBABB48A66F8524046CB23912CAA8E1C7E53BEF6F57F1F5072ED9941FA74A91706B7887CEEDDDF4FB94C6C641042EE32186CCA130440C50A8430364F848F9F8647C4855FD8846B1471465FEE27B0F3D49C9E8D870E8AE613DFF5AC1690A522DBB0399D02D383D59382A8D1D2ACE67228B78063657AC3ECD26DA17CB8D3B74D600D5E92B981920F16ADC66B3550F5CF194B0C7745267853734DF6785E7769D4A0D6617EDF77121F296D552BC0B2150854ED234DC0615A2B65509D47339705FAEBBCD44BD040029F1E6DEEDF236D202A4C6887B976EFBB18DB7DA2E36646779A5622ACBA6C5A0ABD8A0E932F8C0A15DA37376166890993524D10761D2C885020389F435E9736F23EC6652391B38897CF8F0DBBD29FD900A5F3F4EC143BD6C58E2E80D41EBB3BA975F03AE6D4D25BEDD3135006CEE402BF735051BEC1509F307998C384B74543424EE90A8798A5E883C7449893010715B62F26F888EFAB428C0B1A9CD6B8241C7147D50592D0F00DE61F68359C63381CEC61FAF7CABD8E147B001C73B387CD8791719E107CC77717CBDE8AA5BAC2AF118E261B8C691E435EC1AA4AE36B59B93B207571C29A1A834987A479A1EE422867EAAE15A82ED6135E4A6F153D2DBB66E23F0BBFE9A7B863DA951F45129C56E07FF53E3CF343"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3488)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\progra~1\ALWILS~1\Avast5\avastUI.exe
c:\program files\Alwil Software\Avast5\setup\avast.setup
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\oodag.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2010-08-04 00:36:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-03 22:36

Před spuštěním: Volných bajtů: 30 069 080 064
Po spuštění: Volných bajtů: 30 043 271 168

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

Current=4 Default=4 Failed=1 LastKnownGood=3 Sets=1,2,3,4
- - End Of File - - ED18A7EC356FCF6D1A7D0B7CDCAC19CF

[motji]

Já s eomlouvám, musím od počítače, večer Vám napíšu ještě skript na dočištění.
Jak to vypadá s počítačem?

[motji]

Tak jsem to stihla dřív.


Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Collect::
c:\documents and settings\Bohuslav\Nabídka Start\Programy\Po spuštění\updpxe32.exe 
c:\program files\windfcyg\windfcyg.exe

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9CD2822B-5E90-0FD3-7957-4DAA46499ED8}]

Firefox::
FF - ProfilePath - c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://toolbar.inbox.com/search/dispatc ... ge=cs&qkw=

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci



Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken
NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.