nejspíše Facebook vir

[wehiq]

Dobrý den, mám v PC nejspíše FB vir, ale nejsem si tím tak uplně jistý. Někdo si na mém pc na Facebooku psal s tím botem v domnění, že je to jeho kamarád, který si z něj dělá srandu.. Nevím, jestli rozklikl ten odkaz, ale je to možný. Od té doby se pc spouští výrazně delší dobu, celkově se zpomalil a trhá se zvuk. Zkoušel jsem Combofix, ale během skenování pc spadnul. Přikládám log, díky za jeho případné zkontrolování




Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2011-07-31 13:36:46
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (17%) free of 50 GB
Total RAM: 2047 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:36:49, on 31.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Software\Mozilla Firefox\firefox.exe
D:\Software\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Honza\Plocha\RSIT(1).exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Software\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Software\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: gebawwu - gebawwu.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - D:\Software\Samsung\Kies\WiselinkPro\WiselinkPro.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.cfxxe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\Software\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5661 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-789336058-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-746137067-789336058-682003330-1004UA.job
C:\WINDOWS\tasks\{47D60B30-7947-4114-811A-39EE7E00BF0F}_WINXP_Honza.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Software\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

D:\Software\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

D:\Software\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

D:\Software\Mozilla Firefox\plugins\
np32dsw.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class

D:\Software\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default\extensions\
maps@ovi.com

C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
qip-search.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-07-18 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-10-30 1953792]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebawwu]
gebawwu.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{415D402F-A6FC-4CA2-927B-2323BAAFB966}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Software\Samsung\Samsung New PC Studio\npsasvr.exe"="D:\Software\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"D:\Software\Samsung\Samsung New PC Studio\npsvsvr.exe"="D:\Software\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Hry\Valve\hl.exe"="D:\Hry\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Hry\FireFly Studios\Stronghold\Stronghold.EXE"="D:\Hry\FireFly Studios\Stronghold\Stronghold.EXE:*:Enabled:Stronghold"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Hry\EA SPORTS\FIFA 08\FIFA08.exe"="D:\Hry\EA SPORTS\FIFA 08\FIFA08.exe:*:Enabled:FIFA08"
"D:\Hry\FireFly Studios\Stronghold Crusader\Stronghold Crusader.exe"="D:\Hry\FireFly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Hry\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"D:\Software\Steam\Steam.exe"="D:\Software\Steam\Steam.exe:*:Enabled:Steam"
"D:\Software\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Software\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Software\Microsoft Office\Office12\GROOVE.EXE"="D:\Software\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Software\Microsoft Office\Office12\ONENOTE.EXE"="D:\Software\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Hry\Valve\hlds.exe"="D:\Hry\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Software\EA Sports\FIFA 11\Game\fifa.exe"="D:\Software\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"D:\Software\Pinnacle\Studio 14\Programs\RM.exe"="D:\Software\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Software\Pinnacle\Studio 14\Programs\Studio.exe"="D:\Software\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"D:\Software\Pinnacle\Studio 14\Programs\umi.exe"="D:\Software\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"J:\Nová složka\iTunes.exe"="J:\Nová složka\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011-komu.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011-komu.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\FireFly Studios\Stronghold 2\Stronghold2.exe"="D:\Hry\FireFly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"D:\Software\Mozilla Firefox\firefox.exe"="D:\Software\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\csp2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\csp2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\CSP\csp2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\CSP\csp2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Software\Mozilla Firefox\plugin-container.exe"="D:\Software\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"D:\Software\QIP Infium JadrisPack\qip.exe"="D:\Software\QIP Infium JadrisPack\qip.exe:*:Enabled:QIP Infium"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"D:\Software\iTunes\iTunes.exe"="D:\Software\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2011-07-31 13:36:46 ----D---- C:\rsit
2011-07-31 13:34:52 ----D---- C:\Program Files\trend micro
2011-07-27 21:18:42 ----SD---- C:\ComboFix
2011-07-27 20:37:21 ----SHD---- C:\Config.Msi
2011-07-24 20:30:15 ----RASHD---- C:\cmdcons
2011-07-24 20:17:05 ----A---- C:\WINDOWS\zip.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\SWSC.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\SWREG.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\sed.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\PEV.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\MBR.exe
2011-07-24 20:17:05 ----A---- C:\WINDOWS\grep.exe
2011-07-21 21:51:15 ----D---- C:\Program Files\iPod
2011-07-18 19:55:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-18 19:40:35 ----D---- C:\Program Files\Common Files\Java
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\javaws.exe
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\javaw.exe
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\java.exe
2011-07-18 18:43:21 ----D---- C:\Documents and Settings\Honza\Data aplikací\Opera
2011-07-14 06:50:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-14 06:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-06 01:00:33 ----D---- C:\Program Files\Microsoft Office

======List of files/folders modified in the last 1 month======

2011-07-31 13:34:52 ----RD---- C:\Program Files
2011-07-31 12:26:12 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-31 12:25:40 ----D---- C:\WINDOWS\temp
2011-07-29 15:31:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-28 16:33:29 ----D---- C:\Documents and Settings\Honza\Data aplikací\Audacity
2011-07-27 22:45:49 ----D---- C:\WINDOWS\Prefetch
2011-07-27 21:37:37 ----D---- C:\WINDOWS\Minidump
2011-07-27 21:37:20 ----D---- C:\WINDOWS
2011-07-27 21:24:45 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 21:24:45 ----D---- C:\WINDOWS\system32
2011-07-27 21:24:45 ----D---- C:\WINDOWS\AppPatch
2011-07-27 21:24:44 ----D---- C:\Program Files\Common Files
2011-07-27 20:59:55 ----D---- C:\Program Files\Canon
2011-07-27 20:52:05 ----SHD---- C:\WINDOWS\Installer
2011-07-27 20:46:57 ----D---- C:\Program Files\Java
2011-07-27 20:45:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-27 20:36:33 ----HD---- C:\WINDOWS\inf
2011-07-27 20:35:23 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-27 20:34:26 ----D---- C:\Documents and Settings\Honza\Data aplikací\Skype
2011-07-27 20:33:11 ----D---- C:\Documents and Settings\Honza\Data aplikací\skypePM
2011-07-27 20:30:35 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-27 20:29:35 ----RSD---- C:\WINDOWS\Fonts
2011-07-27 20:23:51 ----D---- C:\WINDOWS\twain_32
2011-07-27 20:23:51 ----D---- C:\Documents and Settings\Honza\Data aplikací\Canon
2011-07-24 20:30:23 ----RASH---- C:\boot.ini
2011-07-22 06:59:45 ----D---- C:\Program Files\Apple Software Update
2011-07-21 21:51:14 ----D---- C:\Program Files\Common Files\Apple
2011-07-21 21:43:12 ----SD---- C:\WINDOWS\Tasks
2011-07-18 19:40:06 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-07-16 01:30:28 ----A---- C:\WINDOWS\hms_odpocet.ini
2011-07-14 06:50:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-14 06:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-14 06:45:34 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 16:22:55 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-01 09:54:42 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-10-30 43648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-14 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ATP;Comodo EasyVPN Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys []
S3 auu9y8v0;auu9y8v0; C:\WINDOWS\system32\drivers\auu9y8v0.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Honza\LOCALS~1\Temp\catchme.sys []
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-03-02 24504]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-01-20 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-01-20 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-01-20 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\system32\DRIVERS\ss_bserd.sys [2010-01-20 100224]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S3 XDva327;XDva327; \??\C:\WINDOWS\system32\XDva327.sys []
S3 XDva332;XDva332; \??\C:\WINDOWS\system32\XDva332.sys []
S3 XDva336;XDva336; \??\C:\WINDOWS\system32\XDva336.sys []
S3 XDva337;XDva337; \??\C:\WINDOWS\system32\XDva337.sys []
S3 XDva341;XDva341; \??\C:\WINDOWS\system32\XDva341.sys []
S3 XDva342;XDva342; \??\C:\WINDOWS\system32\XDva342.sys []
S3 XDva343;XDva343; \??\C:\WINDOWS\system32\XDva343.sys []
S3 XDva344;XDva344; \??\C:\WINDOWS\system32\XDva344.sys []
S3 XDva346;XDva346; \??\C:\WINDOWS\system32\XDva346.sys []
S3 XDva347;XDva347; \??\C:\WINDOWS\system32\XDva347.sys []
S3 XDva348;XDva348; \??\C:\WINDOWS\system32\XDva348.sys []
S3 XDva349;XDva349; \??\C:\WINDOWS\system32\XDva349.sys []
S3 XDva352;XDva352; \??\C:\WINDOWS\system32\XDva352.sys []
S3 XDva358;XDva358; \??\C:\WINDOWS\system32\XDva358.sys []
S3 XDva359;XDva359; \??\C:\WINDOWS\system32\XDva359.sys []
S3 XDva361;XDva361; \??\C:\WINDOWS\system32\XDva361.sys []
S3 XDva367;XDva367; \??\C:\WINDOWS\system32\XDva367.sys []
S3 XDva379;XDva379; \??\C:\WINDOWS\system32\XDva379.sys []
S3 XDva380;XDva380; \??\C:\WINDOWS\system32\XDva380.sys []
S3 XDva382;XDva382; \??\C:\WINDOWS\system32\XDva382.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-04 241664]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2011-07-18 161664]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.cfxxe [2011-06-26 256000]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; D:\Software\Samsung\Kies\WiselinkPro\WiselinkPro.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Software\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; D:\Software\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-23 435016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[cernohous13]

Zdravím,

1. vir FB tam nemáš
2. co je úloha C:\WINDOWS\tasks\{47D60B30-7947-4114-811A-39EE7E00BF0F}_WINXP_Honza.job
3. Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

[wehiq]

Tak jsem to projel tim T-Cleanerem. Žádné extra změny se nestaly, pořád se trhá zvuk a je to pomalejší. Vůbec netuším co je to za úlohu

[cernohous13]

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „Moveit!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\

Script OTM

Kód: Vybrat vše

:Commands
[emptytemp]

:Files
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\Tasks\*.job
gebawwu.dll /s

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D5D47440-0750-463D-BAEF-A47D02414806}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebawwu]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{415D402F-A6FC-4CA2-927B-2323BAAFB966}"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

:Services
XDva327
XDva332
XDva336
XDva337
XDva341
XDva342
XDva343
XDva344
XDva346
XDva347
XDva348
XDva349
XDva352
XDva358
XDva359
XDva361
XDva367
XDva379
XDva380
XDva382
JavaQuickStarterService
PEVSystemStart

[wehiq]

Pořád žádná změna.. Přikládám log z OTM


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator.WINXP
->Temporary Internet Files folder emptied: 32768 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Honza
->Temp folder emptied: 68459 bytes
->Temporary Internet Files folder emptied: 1704338 bytes
->Java cache emptied: 2112747 bytes
->FireFox cache emptied: 588626871 bytes
->Google Chrome cache emptied: 131521366 bytes
->Flash cache emptied: 6852 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 165197034 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4277883 bytes
%systemroot%\System32 .tmp files removed: 24693704 bytes
%systemroot%\System32\dllcache .tmp files removed: 2280174 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 116770338 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 989,00 mb

========== FILES ==========
========== FILES ==========
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000006_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000007_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000008_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000009_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000010_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000011_.tmp.dll
LoadLibrary failed for C:\WINDOWS\system32\_000013_.tmp.dll
DllUnregisterServer procedure not found in C:\WINDOWS\system32\_000016_.tmp.dll
LoadLibrary failed for C:\WINDOWS\system32\_000017_.tmp.dll
LoadLibrary failed for C:\WINDOWS\system32\_000018_.tmp.dll
C:\WINDOWS\system32\_000006_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000007_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000008_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000009_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000010_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000011_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000013_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000016_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000017_.tmp.dll moved successfully.
C:\WINDOWS\system32\_000018_.tmp.dll moved successfully.
C:\WINDOWS\system32\wbem\SETED0.tmp moved successfully.
C:\WINDOWS\system32\wbem\SETED1.tmp moved successfully.
C:\WINDOWS\system32\wbem\SETED2.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\setb0a.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\setf51.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\setf52.tmp moved successfully.
C:\WINDOWS\AppPatch\SETB0A.tmp moved successfully.
C:\WINDOWS\AppPatch\SETF51.tmp moved successfully.
C:\WINDOWS\AppPatch\SETF52.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1403.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP257.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP440.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4CAB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4CCD.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4CE4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP51.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AA.tmp folder moved successfully.
C:\WINDOWS\Globalization\tl-PH-Nokia.tmp0 moved successfully.
C:\WINDOWS\Installer\MSI11F.tmp moved successfully.
C:\WINDOWS\Installer\MSI125.tmp moved successfully.
C:\WINDOWS\Installer\MSIDA.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt6E.tmp moved successfully.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-789336058-682003330-1004Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-789336058-682003330-1004UA.job moved successfully.
C:\WINDOWS\Tasks\{47D60B30-7947-4114-811A-39EE7E00BF0F}_WINXP_Honza.job moved successfully.
File/Folder gebawwu.dll not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebawwu\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{415D402F-A6FC-4CA2-927B-2323BAAFB966} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{415D402F-A6FC-4CA2-927B-2323BAAFB966}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service XDva327 stopped successfully!
Service XDva327 deleted successfully!
Service XDva332 stopped successfully!
Service XDva332 deleted successfully!
Service XDva336 stopped successfully!
Service XDva336 deleted successfully!
Service XDva337 stopped successfully!
Service XDva337 deleted successfully!
Service XDva341 stopped successfully!
Service XDva341 deleted successfully!
Service XDva342 stopped successfully!
Service XDva342 deleted successfully!
Service XDva343 stopped successfully!
Service XDva343 deleted successfully!
Service XDva344 stopped successfully!
Service XDva344 deleted successfully!
Service XDva346 stopped successfully!
Service XDva346 deleted successfully!
Service XDva347 stopped successfully!
Service XDva347 deleted successfully!
Service XDva348 stopped successfully!
Service XDva348 deleted successfully!
Service XDva349 stopped successfully!
Service XDva349 deleted successfully!
Service XDva352 stopped successfully!
Service XDva352 deleted successfully!
Service XDva358 stopped successfully!
Service XDva358 deleted successfully!
Service XDva359 stopped successfully!
Service XDva359 deleted successfully!
Service XDva361 stopped successfully!
Service XDva361 deleted successfully!
Service XDva367 stopped successfully!
Service XDva367 deleted successfully!
Service XDva379 stopped successfully!
Service XDva379 deleted successfully!
Service XDva380 stopped successfully!
Service XDva380 deleted successfully!
Service XDva382 stopped successfully!
Service XDva382 deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Error: No service named PEVSystemStart was found to stop!
Service\Driver key PEVSystemStart not found.

OTM by OldTimer - Version 3.1.18.0 log created on 08012011_120109

Files moved on Reboot...

Registry entries deleted on Reboot...

[cernohous13]

Dej mi aktuální RSIT

[wehiq]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2011-08-01 13:31:14
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (23%) free of 50 GB
Total RAM: 2047 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:31:22, on 1.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\svchost.exe
D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Honza\Plocha\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Software\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Software\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - D:\Software\Samsung\Kies\WiselinkPro\WiselinkPro.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\Software\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5034 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Software\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

D:\Software\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

D:\Software\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

D:\Software\Mozilla Firefox\plugins\
np32dsw.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class

D:\Software\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default\extensions\
maps@ovi.com

C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
qip-search.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-07-18 56712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-10-30 1953792]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Software\Samsung\Samsung New PC Studio\npsasvr.exe"="D:\Software\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"D:\Software\Samsung\Samsung New PC Studio\npsvsvr.exe"="D:\Software\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Hry\Valve\hl.exe"="D:\Hry\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Hry\FireFly Studios\Stronghold\Stronghold.EXE"="D:\Hry\FireFly Studios\Stronghold\Stronghold.EXE:*:Enabled:Stronghold"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Hry\EA SPORTS\FIFA 08\FIFA08.exe"="D:\Hry\EA SPORTS\FIFA 08\FIFA08.exe:*:Enabled:FIFA08"
"D:\Hry\FireFly Studios\Stronghold Crusader\Stronghold Crusader.exe"="D:\Hry\FireFly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Hry\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"D:\Software\Steam\Steam.exe"="D:\Software\Steam\Steam.exe:*:Enabled:Steam"
"D:\Software\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Software\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Software\Microsoft Office\Office12\GROOVE.EXE"="D:\Software\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Software\Microsoft Office\Office12\ONENOTE.EXE"="D:\Software\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Hry\Valve\hlds.exe"="D:\Hry\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Software\EA Sports\FIFA 11\Game\fifa.exe"="D:\Software\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"D:\Software\Pinnacle\Studio 14\Programs\RM.exe"="D:\Software\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Software\Pinnacle\Studio 14\Programs\Studio.exe"="D:\Software\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"D:\Software\Pinnacle\Studio 14\Programs\umi.exe"="D:\Software\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"J:\Nová složka\iTunes.exe"="J:\Nová složka\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011-komu.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011-komu.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\FireFly Studios\Stronghold 2\Stronghold2.exe"="D:\Hry\FireFly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"D:\Software\Mozilla Firefox\firefox.exe"="D:\Software\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\csp2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\csp2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\CSP\csp2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\CSP\csp2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Software\Mozilla Firefox\plugin-container.exe"="D:\Software\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"D:\Software\QIP Infium JadrisPack\qip.exe"="D:\Software\QIP Infium JadrisPack\qip.exe:*:Enabled:QIP Infium"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"D:\Software\iTunes\iTunes.exe"="D:\Software\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2011-08-01 13:31:14 ----D---- C:\rsit
2011-08-01 12:01:09 ----D---- C:\_OTM
2011-07-31 13:34:52 ----D---- C:\Program Files\trend micro
2011-07-27 20:37:21 ----SHD---- C:\Config.Msi
2011-07-24 20:30:15 ----RASHD---- C:\cmdcons
2011-07-21 21:51:15 ----D---- C:\Program Files\iPod
2011-07-18 19:55:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-18 19:40:35 ----D---- C:\Program Files\Common Files\Java
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\javaws.exe
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\javaw.exe
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\java.exe
2011-07-18 18:43:21 ----D---- C:\Documents and Settings\Honza\Data aplikací\Opera
2011-07-14 06:50:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-14 06:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-06 01:00:33 ----D---- C:\Program Files\Microsoft Office

======List of files/folders modified in the last 1 month======

2011-08-01 13:31:18 ----D---- C:\WINDOWS\Prefetch
2011-08-01 12:09:25 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-01 12:07:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-01 12:06:12 ----SD---- C:\WINDOWS\Tasks
2011-08-01 12:06:05 ----SHD---- C:\WINDOWS\Installer
2011-08-01 12:06:05 ----D---- C:\WINDOWS\Globalization
2011-08-01 12:06:01 ----D---- C:\WINDOWS\AppPatch
2011-08-01 12:06:00 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-08-01 12:05:54 ----D---- C:\WINDOWS\system32\wbem
2011-08-01 12:05:52 ----D---- C:\WINDOWS\system32
2011-08-01 12:05:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-01 12:05:50 ----D---- C:\WINDOWS\temp
2011-08-01 12:05:50 ----D---- C:\WINDOWS
2011-07-31 23:49:43 ----D---- C:\WINDOWS\Minidump
2011-07-31 23:48:38 ----SHD---- C:\System Volume Information
2011-07-31 23:48:38 ----D---- C:\WINDOWS\system32\Restore
2011-07-31 13:34:52 ----RD---- C:\Program Files
2011-07-28 16:33:29 ----D---- C:\Documents and Settings\Honza\Data aplikací\Audacity
2011-07-27 21:24:45 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 21:24:44 ----D---- C:\Program Files\Common Files
2011-07-27 20:59:55 ----D---- C:\Program Files\Canon
2011-07-27 20:46:57 ----D---- C:\Program Files\Java
2011-07-27 20:45:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-27 20:36:33 ----HD---- C:\WINDOWS\inf
2011-07-27 20:35:23 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-27 20:34:26 ----D---- C:\Documents and Settings\Honza\Data aplikací\Skype
2011-07-27 20:33:11 ----D---- C:\Documents and Settings\Honza\Data aplikací\skypePM
2011-07-27 20:30:35 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-27 20:29:35 ----RSD---- C:\WINDOWS\Fonts
2011-07-27 20:23:51 ----D---- C:\WINDOWS\twain_32
2011-07-27 20:23:51 ----D---- C:\Documents and Settings\Honza\Data aplikací\Canon
2011-07-24 20:30:23 ----RASH---- C:\boot.ini
2011-07-22 06:59:45 ----D---- C:\Program Files\Apple Software Update
2011-07-21 21:51:14 ----D---- C:\Program Files\Common Files\Apple
2011-07-18 19:40:06 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-07-16 01:30:28 ----A---- C:\WINDOWS\hms_odpocet.ini
2011-07-14 06:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-14 06:45:34 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 16:22:55 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-10-30 43648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-14 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ahvqntmx;ahvqntmx; C:\WINDOWS\system32\drivers\ahvqntmx.sys []
S3 ATP;Comodo EasyVPN Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys []
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-03-02 24504]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-01-20 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-01-20 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-01-20 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\system32\DRIVERS\ss_bserd.sys [2010-01-20 100224]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-04 241664]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; D:\Software\Samsung\Kies\WiselinkPro\WiselinkPro.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Software\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; D:\Software\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-23 435016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[cernohous13]

v logu nevidím nic, co by mohlo způsobovat problémy

Stáhni a nainstaluj MBAM zde http://www.download.com/Malwarebytes-An ... tag=button
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nech spuštěný

[wehiq]

Tak tady to je


Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

2.8.2011 13:07:29
mbam-log-2011-08-02 (13-07-27).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 229013
Uplynulý čas: 58 minut, 51 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[cernohous13]

- v MBAM dej Odstranit vybrané
- zkus znovu ComboFix
- pokud nepůjde, použij AVPTool
Stáhni http://www.viry.cz/forum/viewtopic.php?f=29&t=58179/
Návod http://img32.imageshack.us/img32/7604/93809819.gif

všechny logy sem

[wehiq]

Po combofixu spadne pc pokaždý když přestane skenovat a začne mazat soubory. AVPTool skenoval 6 hodin a je z toho log, který má 80MB, tak to sem asi dávat nebudu..

[cernohous13]

Dej mi alespoň nový RSIT

[wehiq]

Nevim jestli se něco změnilo.. Jestli ti to pomůže tak ten zvuk se trhá jen když např. pouštim nějaký program. Jakoby to nestíhal



Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2011-08-03 20:29:15
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (22%) free of 50 GB
Total RAM: 2047 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:21, on 3.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\svchost.exe
D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wscntfy.exe
D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
D:\Software\Mozilla Firefox\firefox.exe
D:\Software\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Honza\Plocha\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Software\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Software\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Software\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Software\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SAMSUNG KiesAllShare Service (KiesAllShare) - Unknown owner - D:\Software\Samsung\Kies\WiselinkPro\WiselinkPro.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - D:\Software\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5288 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {20a82645-c095-46ed-80e3-08825760534b}:0.0.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Software\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

D:\Software\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}

D:\Software\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

D:\Software\Mozilla Firefox\plugins\
np32dsw.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
ShockwavePlugin.class

D:\Software\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default\extensions\
maps@ovi.com

C:\Documents and Settings\Honza\Data aplikací\Mozilla\Firefox\Profiles\rspj0jhw.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
qip-search.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-07-18 56712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-30 36864]
"JMB36X Configure"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-10-30 1953792]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Software\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Software\Samsung\Samsung New PC Studio\npsasvr.exe"="D:\Software\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"D:\Software\Samsung\Samsung New PC Studio\npsvsvr.exe"="D:\Software\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Hry\Valve\hl.exe"="D:\Hry\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Hry\FireFly Studios\Stronghold\Stronghold.EXE"="D:\Hry\FireFly Studios\Stronghold\Stronghold.EXE:*:Enabled:Stronghold"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Hry\EA SPORTS\FIFA 08\FIFA08.exe"="D:\Hry\EA SPORTS\FIFA 08\FIFA08.exe:*:Enabled:FIFA08"
"D:\Hry\FireFly Studios\Stronghold Crusader\Stronghold Crusader.exe"="D:\Hry\FireFly Studios\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Hry\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"D:\Software\Steam\Steam.exe"="D:\Software\Steam\Steam.exe:*:Enabled:Steam"
"D:\Software\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Software\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Software\Microsoft Office\Office12\GROOVE.EXE"="D:\Software\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Software\Microsoft Office\Office12\ONENOTE.EXE"="D:\Software\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Hry\Valve\hlds.exe"="D:\Hry\Valve\hlds.exe:*:Enabled:HLDS Launcher"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Software\EA Sports\FIFA 11\Game\fifa.exe"="D:\Software\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"
"D:\Software\Pinnacle\Studio 14\Programs\RM.exe"="D:\Software\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Software\Pinnacle\Studio 14\Programs\Studio.exe"="D:\Software\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"D:\Software\Pinnacle\Studio 14\Programs\umi.exe"="D:\Software\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"J:\Nová složka\iTunes.exe"="J:\Nová složka\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011-komu.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011-komu.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\pesFanatic2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\FireFly Studios\Stronghold 2\Stronghold2.exe"="D:\Hry\FireFly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2"
"D:\Software\Mozilla Firefox\firefox.exe"="D:\Software\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\csp2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\csp2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Hry\KONAMI\Pro Evolution Soccer 2011\CSP\csp2011.exe"="D:\Hry\KONAMI\Pro Evolution Soccer 2011\CSP\csp2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Software\Mozilla Firefox\plugin-container.exe"="D:\Software\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"D:\Software\QIP Infium JadrisPack\qip.exe"="D:\Software\QIP Infium JadrisPack\qip.exe:*:Enabled:QIP Infium"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"D:\Software\iTunes\iTunes.exe"="D:\Software\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.vorbis"=vorbis.acm

======List of files/folders created in the last 1 month======

2011-08-02 21:26:18 ----A---- C:\WINDOWS\zip.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\SWSC.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\SWREG.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\sed.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\PEV.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\MBR.exe
2011-08-02 21:26:18 ----A---- C:\WINDOWS\grep.exe
2011-08-02 21:26:12 ----SD---- C:\ComboFix
2011-08-02 21:26:08 ----D---- C:\Qoobox
2011-08-01 21:28:59 ----D---- C:\Documents and Settings\Honza\Data aplikací\Malwarebytes
2011-08-01 21:28:50 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-01 21:28:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-01 21:28:46 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-08-01 13:31:14 ----D---- C:\rsit
2011-08-01 12:01:09 ----D---- C:\_OTM
2011-07-31 13:34:52 ----D---- C:\Program Files\trend micro
2011-07-27 20:37:21 ----SHD---- C:\Config.Msi
2011-07-24 20:30:15 ----RASHD---- C:\cmdcons
2011-07-21 21:51:15 ----D---- C:\Program Files\iPod
2011-07-18 19:55:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-18 19:40:35 ----D---- C:\Program Files\Common Files\Java
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\javaws.exe
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\javaw.exe
2011-07-18 19:40:19 ----A---- C:\WINDOWS\system32\java.exe
2011-07-18 18:43:21 ----D---- C:\Documents and Settings\Honza\Data aplikací\Opera
2011-07-14 06:50:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-14 06:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-06 01:00:33 ----D---- C:\Program Files\Microsoft Office

======List of files/folders modified in the last 1 month======

2011-08-03 20:07:39 ----D---- C:\WINDOWS\Prefetch
2011-08-03 20:05:24 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-03 20:05:18 ----D---- C:\WINDOWS
2011-08-03 20:03:23 ----D---- C:\WINDOWS\system32\drivers
2011-08-03 15:06:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-03 13:43:14 ----D---- C:\Documents and Settings\Honza\Data aplikací\Audacity
2011-08-03 11:40:55 ----D---- C:\WINDOWS\temp
2011-08-03 09:34:43 ----HD---- C:\WINDOWS\inf
2011-08-03 09:20:23 ----SHD---- C:\System Volume Information
2011-08-02 21:30:52 ----D---- C:\WINDOWS\system32
2011-08-02 21:30:52 ----D---- C:\WINDOWS\AppPatch
2011-08-02 21:30:44 ----D---- C:\Program Files\Common Files
2011-08-02 01:05:20 ----A---- C:\WINDOWS\hms_odpocet.ini
2011-08-01 12:06:12 ----SD---- C:\WINDOWS\Tasks
2011-08-01 12:06:05 ----SHD---- C:\WINDOWS\Installer
2011-08-01 12:06:05 ----D---- C:\WINDOWS\Globalization
2011-08-01 12:06:00 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-08-01 12:05:54 ----D---- C:\WINDOWS\system32\wbem
2011-08-01 12:05:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-31 23:49:43 ----D---- C:\WINDOWS\Minidump
2011-07-31 23:48:38 ----D---- C:\WINDOWS\system32\Restore
2011-07-31 13:34:52 ----RD---- C:\Program Files
2011-07-27 20:59:55 ----D---- C:\Program Files\Canon
2011-07-27 20:46:57 ----D---- C:\Program Files\Java
2011-07-27 20:45:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-27 20:35:23 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-27 20:34:26 ----D---- C:\Documents and Settings\Honza\Data aplikací\Skype
2011-07-27 20:33:11 ----D---- C:\Documents and Settings\Honza\Data aplikací\skypePM
2011-07-27 20:30:35 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-27 20:29:35 ----RSD---- C:\WINDOWS\Fonts
2011-07-27 20:23:51 ----D---- C:\WINDOWS\twain_32
2011-07-27 20:23:51 ----D---- C:\Documents and Settings\Honza\Data aplikací\Canon
2011-07-24 20:30:23 ----RASH---- C:\boot.ini
2011-07-22 06:59:45 ----D---- C:\Program Files\Apple Software Update
2011-07-21 21:51:14 ----D---- C:\Program Files\Common Files\Apple
2011-07-18 19:40:06 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-07-14 06:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-14 06:45:34 ----A---- C:\WINDOWS\imsins.BAK
2011-07-13 16:22:55 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-10-30 43648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-10-14 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-07-27 83712]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ao49etsg;ao49etsg; C:\WINDOWS\system32\drivers\ao49etsg.sys []
S3 ATP;Comodo EasyVPN Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Honza\LOCALS~1\Temp\catchme.sys []
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys []
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-03-02 24504]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-12-02 137600]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2010-01-20 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2010-01-20 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2010-01-20 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\WINDOWS\system32\DRIVERS\ss_bserd.sys [2010-01-20 100224]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-04-27 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-04-27 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-04-27 132424]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-04 241664]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; D:\Software\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
S3 KiesAllShare;SAMSUNG KiesAllShare Service; D:\Software\Samsung\Kies\WiselinkPro\WiselinkPro.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Software\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; D:\Software\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-23 435016]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[cernohous13]

Vidím jen WMP - předpokládám, že problémy se projevují v něm
zkusíme zastavit nadstavby - budou uloženy v záloze pro případné obnovení

Spusť program C:\Program Files\trend micro\Honza.exe
"Do a system scan only"
dej fajfku do čtverečků před řádky:
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
"Fix checked" -> OK

Teď už se nejedná o virový problém, proto uklidíme

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe - uklidí po použitých čističích.
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

Stáhni TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Zavři všechny programy a spusť. Po ukončení akce bude PC restartován.
Pokud ne, restartuj sám.
(čistí Temp složky , nečistí URL, historii, prefetch ani cookies)

stáhni program OTC tady: http://oldtimer.geekstogo.com/OTC.exe - spusť ho -> "CleanUp" (smaže dříve použité čističe)

Vypni Obnovení systému -> restart -> zapni Obnovení systému http://www.viry.cz/forum/viewtopic.php?t=47040

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar"

zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Po vyčištění by se hodila defragmentace
doporučuji http://www.slunecnice.cz/sw/defraggler/ + čeština

Kdyby něco z návodu nefungovalo, pokračuj dalším krokem.

[wehiq]

vše jsem udělal a bez výsledku:( Problémy se neprojevují jen ve WMP, používám hlavně iTunes. Navíc se trhá i ta klasická melodie při které se spuští windowsy a ta s WMP nemá nic společného, řekl bych. Teď jsem taky zjistil, že když zapnu pc a najedu na lištu tak se místo klasické myši objeví přesýpací hodiny a nejde kliknout ani na hlavní nabídku start.. Tohle se vyřeší vždycky tak cca 2 minuty po startu počítače, kdy se přehraje ta klasická spuštěcí melodie windowsů a přesýpací hodiny na liště zmizí. A přijde mi, že pc se pořád pouští pomaleji. Rychleji než předtím než jsem sem poprvé napsal, ale pořád to neni ono. Jen mi prosím neřikej, že budu muset reinstalovat windows..