Prosím kontrolu logu

[pstreda]

V poslední době se PC chová nestandardně, větrák běží v podstatě pořád, i když nejsou spuštěny žádné náročnější aplikace. Prosím o kontrolu logu.

Děkuji


Logfile of random's system information tool 1.09 (written by random/random)
Run by Jirka at 2011-11-07 22:40:47
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 33 GB (42%) free of 78 GB
Total RAM: 2039 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:41:04, on 7.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\ADVANC~1\wh_exec.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\vVX1000.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PrtScr\PrtScr.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Spb Backup\SpbBackupSync.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\WINDOWS\system32\CNAC3RPK.EXE
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SMART Technologies\SMART Product Drivers\Aware.exe
C:\Program Files\SMART Technologies\SMART Product Drivers\Marker.exe
C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jirka\Plocha\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://idnes.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/i_kat_227.php?lang=CZE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC Translat\WEBIE.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translat\WEBIE.DLL
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WheelMouse] C:\ADVANC~1\wh_exec.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [PrtScr by FireStarter] C:\Program Files\PrtScr\PrtScr.exe /Tray
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Kooperativa - PDF Server.lnk = C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Nástroje aplikace Notebook.lnk = C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
O4 - Global Startup: Spb Backup Sync.lnk = C:\Program Files\Spb Backup\SpbBackupSync.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translat\WEBIE.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} (Cisco SSL VPN Relay Loader) - https://vpngw1.allianz.cz/+CSCOL+/csvrloader32.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 3845958515
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0024348328
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: KoopPdfService - Unknown owner - C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Služba SMART Board (SMART Board Service) - SMART Technologies - C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
O23 - Service: SMART Display Controller - SMART Technologies ULC - C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe
O23 - Service: SMART SNMP Agent Service - SMART Technologies ULC - C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 18307 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E3430533-6183-4872-9962-2615D3124D1E}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\92p8gp1v.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.idnes.cz/"
prefs.js - "extensions.enabledItems" - "xmlfiller@software602.cz:3.16.1, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {D6D05E6F-D5C1-4e03-8E33-73F92B05E262}:10.2, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0, 2020Player@2020Technologies.com:4.5.2.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, toolbar@ask.com:3.11.3.15590, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.babylon.com/?babsrc=toolbar2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{2224E955-00E9-4613-A844-CE69FCCAAE91}"=C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF
"{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}"=C:\Program Files\Media Access Startup\1.5.0.850\FF
"{000a9d1c-beef-4f90-9363-039d445309b8}"=C:\Program Files\Google\Google Gears\Firefox\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.4]
"Description"=Office Live Update v1.4
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.0]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.449]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
FlashGet3.xpi
nppl3260.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
nprpjplug.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\92p8gp1v.default\extensions\
2020Player@2020Technologies.com
2020Player_IKEA@2020Technologies.com
ffxtlbr@babylon.com
{20a82645-c095-46ed-80e3-08825760534b}
{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\92p8gp1v.default\searchplugins\
hledat-s-kliknicz.xml
icqplugin.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\PC Translat\WEBIE.DLL [2009-07-28 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll [2010-02-23 2121728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\PC Translat\WEBIE.DLL [2009-07-28 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2008-05-12 318488]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2011-02-10 1871872]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2008-05-14 61440]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-03 177456]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2008-04-21 197904]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2003-12-13 33792]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-10-07 2171904]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-06-13 73728]
"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2006-09-20 20480]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
"WheelMouse"=C:\ADVANC~1\wh_exec.exe [2008-10-08 147456]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-02-23 3451496]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"VX1000"=C:\WINDOWS\vVX1000.exe [2006-10-13 707376]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2006-10-13 277296]
"HPUsageTrackingLEDM"=C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [2009-08-04 30264]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-05-22 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-05-22 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-05-22 137752]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-06-28 32768]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PrtScr by FireStarter"=C:\Program Files\PrtScr\PrtScr.exe [2008-03-19 1375744]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2008\MemOptimizer.exe [2008-07-01 148480]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
Nástroje aplikace Notebook.lnk - C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe
Spb Backup Sync.lnk - C:\Program Files\Spb Backup\SpbBackupSync.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

C:\Documents and Settings\Jirka\Nabídka Start\Programy\Po spuštění
Kooperativa - PDF Server.lnk - C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\WINDOWS\system32\DeviceNP.dll [2007-06-08 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-03-17 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe"="C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe:*:Enabled:Kalk_ziv"
"C:\Cibis\CibisWebStandalone\programs\jdk1.5.0_11\bin\java.exe"="C:\Cibis\CibisWebStandalone\programs\jdk1.5.0_11\bin\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\CNAC3RPK.exe"="C:\WINDOWS\system32\CNAC3RPK.exe:*:Enabled:Canon LBP5200 RPC Server Process"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"$INSTDIR\FlvDetector.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlvDetector.exe:*:Enabled:FGFlvDetector"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\MOBILedit!\WebVideoDownloader.exe"="C:\Program Files\MOBILedit!\WebVideoDownloader.exe:*:Enabled:MobilEdit! Web Video Downloader Proxy"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Documents and Settings\Jirka\Plocha\Counter-Strike 1.6 + Half-Life\hl.exe"="C:\Documents and Settings\Jirka\Plocha\Counter-Strike 1.6 + Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\SMART Technologies\SMART Product Drivers\UCGui.exe"="C:\Program Files\SMART Technologies\SMART Product Drivers\UCGui.exe:*:Enabled:SMART Universal Controller Interface"
"C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe"="C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe:*:Enabled:SMART SNMPAgent"
"C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe"="C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe:*:Enabled:SMART Universal Controller Service"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Documents and Settings\Jirka\Plocha\Přehrávač\vlc-1.0.3\vlc.exe"="C:\Documents and Settings\Jirka\Plocha\Přehrávač\vlc-1.0.3\vlc.exe:*:Enabled:VLC media player"
"C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe"="C:\Documents and Settings\All Users\Data aplikací\SweetIM\Messenger\update\sweetimsetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.DIVX"=divx.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave8"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux5"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======File associations======

.js - edit -
.js - open -
.txt - open - C:\Program Files\Lingea\Grammaticon\grammaticon.exe "%1"

======List of files/folders created in the last 1 month======

2011-11-07 22:40:48 ----D---- C:\Program Files\trend micro
2011-11-07 22:40:47 ----D---- C:\rsit
2011-11-04 20:30:41 ----D---- C:\Documents and Settings\Jirka\Data aplikací\Cocoon Software
2011-10-21 18:32:25 ----D---- C:\Program Files\Common Files\Java
2011-10-21 18:32:02 ----A---- C:\WINDOWS\system32\javaws.exe
2011-10-21 18:32:02 ----A---- C:\WINDOWS\system32\javaw.exe
2011-10-21 18:32:02 ----A---- C:\WINDOWS\system32\java.exe
2011-10-19 17:37:17 ----D---- C:\Documents and Settings\Jirka\Data aplikací\TeamViewer
2011-10-15 14:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-15 14:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-15 14:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$

======List of files/folders modified in the last 1 month======

2011-11-07 22:40:48 ----RD---- C:\Program Files
2011-11-07 22:14:21 ----D---- C:\WINDOWS\Temp
2011-11-07 22:08:45 ----D---- C:\WINDOWS\Minidump
2011-11-07 22:08:45 ----D---- C:\WINDOWS
2011-11-07 22:07:13 ----D---- C:\Program Files\CCleaner
2011-11-07 22:02:24 ----D---- C:\Program Files\Spyware Terminator
2011-11-07 22:02:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-11-07 21:58:38 ----D---- C:\Documents and Settings\Jirka\Data aplikací\Spyware Terminator
2011-11-07 21:38:42 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-11-07 21:37:55 ----D---- C:\WINDOWS\system32
2011-11-07 20:47:24 ----D---- C:\WINDOWS\Prefetch
2011-11-07 20:42:15 ----A---- C:\WINDOWS\MAILTRAN.INI
2011-11-07 13:56:25 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-11-07 12:44:56 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-06 11:31:33 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-04 21:00:01 ----D---- C:\Program Files\VDownloader
2011-11-04 20:32:53 ----D---- C:\Program Files\QuickMediaConverter
2011-11-04 20:31:01 ----A---- C:\WINDOWS\win.ini
2011-10-29 16:14:07 ----D---- C:\WINDOWS\inf
2011-10-26 16:48:39 ----D---- C:\Documents and Settings\Jirka\Data aplikací\Skype
2011-10-26 12:48:56 ----SHD---- C:\WINDOWS\Installer
2011-10-26 12:48:56 ----HD---- C:\Config.Msi
2011-10-26 12:48:49 ----RD---- C:\Program Files\Skype
2011-10-22 18:05:53 ----D---- C:\WINDOWS\system32\config
2011-10-22 12:13:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-22 11:58:39 ----D---- C:\Documents and Settings\Jirka\Data aplikací\uTorrent
2011-10-22 11:57:18 ----D---- C:\WINDOWS\Debug
2011-10-22 11:35:07 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-10-22 11:35:07 ----D---- C:\Program Files\Microsoft
2011-10-22 11:32:40 ----SD---- C:\WINDOWS\Tasks
2011-10-21 18:32:25 ----D---- C:\Program Files\Common Files
2011-10-21 18:31:56 ----D---- C:\Program Files\Java
2011-10-16 20:32:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-10-16 20:22:33 ----D---- C:\Program Files\KA10
2011-10-16 18:16:30 ----RSD---- C:\WINDOWS\assembly
2011-10-16 18:16:30 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-15 16:03:29 ----D---- C:\Program Files\Microsoft Silverlight
2011-10-15 16:03:29 ----D---- C:\Program Files\Internet Explorer
2011-10-15 14:51:08 ----D---- C:\WINDOWS\WinSxS
2011-10-15 14:45:51 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-15 14:45:32 ----D---- C:\WINDOWS\system32\drivers
2011-10-15 14:45:27 ----D---- C:\WINDOWS\$hf_mig$
2011-10-15 14:45:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-10-15 14:43:30 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2003-10-28 20016]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2001-08-10 3252]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-24 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2008-12-23 1287552]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-02-14 530861]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-02-14 30459]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-02-14 149123]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-02-14 47907]
R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2007-02-14 30285]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-12 250776]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-03-17 5955872]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2007-01-25 6784]
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Jirka\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DAMDrv;DAMDrv; C:\WINDOWS\system32\DRIVERS\DAMDrv.sys [2007-06-08 30008]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-10-24 117760]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2010-10-14 17408]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-01-06 47360]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys []
S3 slabbus;USB Data Cable driver (WDM); C:\WINDOWS\system32\DRIVERS\slabbus.sys [2004-08-09 51040]
S3 slabser;USB Data Cable Drivers; C:\WINDOWS\system32\DRIVERS\slabser.sys [2004-08-09 82768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VX1000;VX-1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [2006-10-13 1966000]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 whmice2k;Advanced Wheel Mouse Upper Filter Driver; C:\WINDOWS\system32\DRIVERS\whmice2k.sys [2004-04-26 6885]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-02-23 42184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2009-10-06 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2008-05-01 165192]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 KoopPdfService;KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2010-09-22 450560]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-04-16 73728]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
R2 MSSQL$EWAYSQL;SQL Server (EWAYSQL); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-05-12 576024]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SMART Board Service;Služba SMART Board; C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2011-01-25 5893488]
R2 SMART Display Controller;SMART Display Controller; C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe [2011-01-25 846704]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-10-07 487424]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2011-02-10 24064]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2009-10-06 1532000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-22 136176]
S2 HP LaserJet Service;HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]
S2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; C:\WINDOWS\system32\flcdlock.exe [2007-06-08 172131]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-22 136176]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service; C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe [2011-01-25 1678704]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-12-02 355584]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.avast.com/i_kat_227.php?lang=CZE
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Of
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)

HJT najdeš zde :

C:\Program Files\trend micro\Jirka.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Spustit >> napiš - services.msc >> OK. Najdi službu :

Google Update Service (gupdate)

Služba Google Update (gupdatem)

IviRegMgr - InterVideo

Nero BackItUp Scheduler 4.0

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.


P.S. v mezičase zkontroluj zda jsou všechny chladící otvory volné, případně je opatrně vyluxuj.

[pstreda]

Udělal jsem vše podle návodu, zde je log z Combofixu:

ComboFix 11-11-09.02 - Jirka 09.11.2011 21:32:15.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1309 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jirka\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.0.840\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.0.840\unins000.dat
c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\ST6UNST.000
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-09 do 2011-11-09 )))))))))))))))))))))))))))))))
.
.
2011-11-08 13:51 . 2011-11-08 14:03 -------- d-----w- C:\Data-KA10
2011-11-07 21:40 . 2011-11-07 21:41 -------- d-----w- c:\program files\trend micro
2011-11-07 21:40 . 2011-11-07 21:41 -------- d-----w- C:\rsit
2011-11-04 19:32 . 2011-11-04 19:32 -------- d-----w- c:\documents and settings\Jirka\Data aplikacÝ
2011-11-04 19:30 . 2011-11-04 19:30 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Cocoon Software
2011-10-21 17:32 . 2011-10-21 17:32 -------- d-----w- c:\program files\Common Files\Java
2011-10-19 16:37 . 2011-10-19 16:37 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-22 10:04 . 2011-06-13 19:24 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2008-12-23 01:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 03:06 . 2010-04-20 15:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2009-10-31 16:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2007-10-09 12:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 11:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 11:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2008-04-14 06:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2008-04-14 05:45 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 23:41 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 11:56 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2008-04-13 22:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-01-26 09:11 . 2011-01-17 19:21 444283 -c--a-w- c:\program files\Common Files\WinPcapNmap.exe
2011-11-09 13:35 . 2011-04-04 11:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrtScr by FireStarter"="c:\program files\PrtScr\PrtScr.exe" [2008-03-19 1375744]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2008\MemOptimizer.exe" [2008-07-01 148480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2011-02-10 1871872]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2008-05-14 61440]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-10-07 2171904]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-06-13 73728]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-10-08 147456]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-02-23 3451496]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]
"VX1000"="c:\windows\vVX1000.exe" [2006-10-13 707376]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296]
"HPUsageTrackingLEDM"="c:\program files\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-22 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-22 137752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
.
c:\documents and settings\Jirka\Nabídka Start\Programy\Po spuštění\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-1-19 2499072]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
Nástroje aplikace Notebook.lnk - c:\program files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe [2011-1-25 13320560]
Spb Backup Sync.lnk - c:\program files\Spb Backup\SpbBackupSync.exe [2010-11-17 430080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 08:04 49152 ----a-r- c:\windows\system32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Kooperativa\\KalkZiv\\Kalk_ziv.exe"=
"c:\\Cibis\\CibisWebStandalone\\programs\\jdk1.5.0_11\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\CNAC3RPK.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"$INSTDIR\\FlvDetector.exe"= c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlvDetector.exe
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Documents and Settings\\Jirka\\Plocha\\Counter-Strike 1.6 + Half-Life\\hl.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\UCService.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\Jirka\\Plocha\\Přehrávač\\vlc-1.0.3\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6.4.2011 11:04 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.2.2009 18:53 301528]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [23.12.2008 21:31 142592]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 9:28 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.2.2009 18:53 19544]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [15.1.2011 21:50 21992]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 MSSQL$EWAYSQL;SQL Server (EWAYSQL);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10.12.2010 17:29 29293408]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [23.12.2008 3:49 576024]
R2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\SMART Product Drivers\UCService.exe [25.1.2011 17:10 846704]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [23.12.2008 3:59 193840]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [25.1.2007 16:45 6784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [24.6.2009 10:57 136704]
S2 KoopPdfService;KoopPdfService;c:\program files\Kooperativa\Services\KoopPDFServer.exe [6.4.2010 10:29 450560]
S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [23.12.2008 3:44 30008]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [8.6.2007 9:06 172131]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [22.1.2011 17:04 36608]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [28.1.2011 14:30 17408]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [16.12.2009 21:56 47360]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe [25.1.2011 17:13 1678704]
S3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\drivers\whmice2k.sys [26.4.2004 8:38 6885]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22.7.2010 20:44 136176]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22.7.2010 20:44 136176]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - GUPDATEM
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-04-16 10:07 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-22 19:44]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-22 19:44]
.
2011-11-09 c:\windows\Tasks\User_Feed_Synchronization-{E3430533-6183-4872-9962-2615D3124D1E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://idnes.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\PC Translat\WEBIE.DLL
Trusted Zone: cpp.cz\sus
Trusted Zone: mpss.cz\portal
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} - hxxps://vpngw1.allianz.cz/+CSCOL+/csvrloader32.cab
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\92p8gp1v.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.idnes.cz/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: content.notify.interval - 100000
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.switch.threshold - 650000
.
.
------- Asociace souborů -------
.
.txt=Grammaticon
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-IDOS - MHD České Budějovice - c:\windows\IsUn0405.exe
AddRemove-IDOS - ProgramTT - c:\windows\IsUn0405.exe
AddRemove-{C421738F-4326-4835-9060-34D16F090BAB}_is1 - c:\docume~1\Jirka\LOCALS~1\Temp\is-12G0M.tmp\KA10\unins000.exe
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-09 21:42
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe???????????????????????|?M?|?????M?|??@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1116)
c:\windows\system32\DeviceNP.dll
.
Celkový čas: 2011-11-09 21:47:35
ComboFix-quarantined-files.txt 2011-11-09 20:47
.
Před spuštěním: Volných bajtů: 34 235 871 232
Po spuštění: Volných bajtů: 34 216 013 824
.
- - End Of File - - CC8CF37F9C583B7C89EA7F5E60AB8537

[Roli]

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

FireFox::
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\92p8gp1v.default\
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci



P.S. je tohle stolní PC nebo notebook

Podle toho co vidím asi notebook, tak by to chtělo opatrně vyluxovat všechny větrací otvory.

[pstreda]

Další krok splněn, další log přikládám.

P.S. jde o notebook


ComboFix 11-11-10.03 - Jirka 10.11.2011 23:57:24.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1343 [GMT 1:00]
Spuštěný z: c:\documents and settings\Jirka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Jirka\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-10 do 2011-11-10 )))))))))))))))))))))))))))))))
.
.
2011-11-10 21:28 . 2011-11-10 21:28 9310 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-11-10 21:28 . 2011-11-10 21:28 8646 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-11-10 21:28 . 2011-11-10 21:28 6429 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-11-10 21:28 . 2011-11-10 21:28 63115 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-11-10 21:28 . 2011-11-10 21:28 4599 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-11-10 21:28 . 2011-11-10 21:28 8613 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2011-11-10 21:28 . 2011-11-10 21:28 6910 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2011-11-10 21:28 . 2011-11-10 21:28 5927 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2011-11-10 21:28 . 2011-11-10 21:28 1651 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2011-11-10 21:28 . 2011-11-10 21:28 8288 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2011-11-10 21:28 . 2011-11-10 21:28 6208 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2011-11-10 21:28 . 2011-11-10 21:28 18541 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2011-11-10 21:27 . 2011-11-10 21:27 51852 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2011-11-10 21:27 . 2011-11-10 21:27 23327 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-11-10 21:27 . 2011-11-10 21:27 20719 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2011-11-10 21:27 . 2011-11-10 21:27 8782 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-11-10 21:27 . 2011-11-10 21:27 7271 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-11-10 08:14 . 2003-02-14 18:14 110592 ----a-w- c:\windows\system32\tsccvid.dll
2011-11-10 08:12 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2011-11-10 08:12 . 2011-11-10 08:12 -------- d-----w- c:\windows\Logs
2011-11-10 08:12 . 2011-11-10 08:12 -------- d-----w- c:\program files\National Instruments
2011-11-10 08:03 . 2011-11-10 08:03 -------- d-----w- c:\documents and settings\All Users\SMART Technologies
2011-11-08 13:51 . 2011-11-08 14:03 -------- d-----w- C:\Data-KA10
2011-11-07 21:40 . 2011-11-07 21:41 -------- d-----w- c:\program files\trend micro
2011-11-07 21:40 . 2011-11-07 21:41 -------- d-----w- C:\rsit
2011-11-04 19:32 . 2011-11-04 19:32 -------- d-----w- c:\documents and settings\Jirka\Data aplikacÝ
2011-11-04 19:30 . 2011-11-04 19:30 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Cocoon Software
2011-10-21 17:32 . 2011-10-21 17:32 -------- d-----w- c:\program files\Common Files\Java
2011-10-19 16:37 . 2011-10-19 16:37 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-22 10:04 . 2011-06-13 19:24 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2008-12-23 01:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 03:06 . 2010-04-20 15:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2009-10-31 16:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-26 09:41 . 2007-10-09 12:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 11:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 11:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-09 09:12 . 2008-04-14 06:51 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 14:10 . 2008-04-14 05:45 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-08-22 23:41 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2008-04-14 06:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 23:41 . 2008-04-14 06:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 11:56 . 2008-04-14 05:50 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2008-04-13 22:49 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-01-26 09:11 . 2011-01-17 19:21 444283 -c--a-w- c:\program files\Common Files\WinPcapNmap.exe
2011-11-09 13:35 . 2011-04-04 11:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-09_20.43.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-10 08:01 . 2011-11-10 08:01 66976 c:\windows\WinSxS\x86_smarttech.zlib.vc100.1.2_9ca15c999435ee05_1.0.1.0_x-ww_bdce9461\zlib1-vc100-mt-1.2.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 33192 c:\windows\WinSxS\x86_smarttech.xalan.vc100.1.10b_9ca15c999435ee05_1.0.1.0_x-ww_eda42499\xalanmsg-vc100-1_10.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 40352 c:\windows\WinSxS\x86_smarttech.icu.vc100.3.8_9ca15c999435ee05_1.0.1.0_x-ww_a4a09a3b\icuio38.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 54184 c:\windows\WinSxS\x86_smarttech.boostthread.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_223d02ca\boost_thread-vc100-mt-1_44.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 22440 c:\windows\WinSxS\x86_smarttech.boostsystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_63c41565\boost_system-vc100-mt-1_44.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 53680 c:\windows\WinSxS\x86_smarttech.boostsignals.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_36e3f87f\boost_signals-vc100-mt-1_44.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 51120 c:\windows\WinSxS\x86_smarttech.boostdatetime.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_c41aee2c\boost_date_time-vc100-mt-1_44.dll
+ 2011-11-10 21:27 . 2011-11-10 21:27 16384 c:\windows\Temp\Perflib_Perfdata_ae4.dat
- 2007-03-14 02:06 . 2007-03-14 02:06 19968 c:\windows\system32\spool\prtprocs\w32x86\BuEProNT.dll
+ 2007-03-14 03:06 . 2007-03-14 03:06 19968 c:\windows\system32\spool\prtprocs\w32x86\BuEProNT.dll
- 2007-03-15 09:47 . 2007-03-15 09:47 53760 c:\windows\system32\spool\drivers\w32x86\BuEResNT.dll
+ 2007-03-15 10:47 . 2007-03-15 10:47 53760 c:\windows\system32\spool\drivers\w32x86\BuEResNT.dll
+ 2007-03-14 03:06 . 2007-03-14 03:06 90624 c:\windows\system32\spool\drivers\w32x86\BuEDRVNT.dll
- 2007-03-14 02:06 . 2007-03-14 02:06 90624 c:\windows\system32\spool\drivers\w32x86\BuEDrvNT.dll
- 2007-03-15 09:47 . 2007-03-15 09:47 53760 c:\windows\system32\spool\drivers\w32x86\2\BuEResNT.dll
+ 2007-03-15 10:47 . 2007-03-15 10:47 53760 c:\windows\system32\spool\drivers\w32x86\2\BuEResNT.dll
- 2007-03-14 02:06 . 2007-03-14 02:06 90624 c:\windows\system32\spool\drivers\w32x86\2\BuEDrvNT.dll
+ 2007-03-14 03:06 . 2007-03-14 03:06 90624 c:\windows\system32\spool\drivers\w32x86\2\BuEDRVNT.dll
- 2011-06-09 06:04 . 2011-01-25 16:15 22768 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\NWLowRider.sys
+ 2011-11-10 08:04 . 2011-07-13 20:17 22768 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\NWLowRider.sys
+ 2011-11-10 08:12 . 2011-05-12 08:37 21160 c:\windows\system32\DRVSTORE\smartdocca_42CAA05CE2DEAE3E68476426B901ED9E6923BCA9\SMARTDocCamera.sys
- 2011-06-09 06:04 . 2010-08-12 08:56 21160 c:\windows\system32\DRVSTORE\smartdocca_42CAA05CE2DEAE3E68476426B901ED9E6923BCA9\SMARTDocCamera.sys
+ 2011-11-10 08:12 . 2011-05-12 08:44 23280 c:\windows\system32\DRVSTORE\smartdocca_3D74C8B5272B39120E0EA6C30CBEB067D0310C27\SMARTDocCamGen2.sys
- 2007-03-15 09:47 . 2007-03-15 09:47 53760 c:\windows\system32\BuEResNT.dll
+ 2007-03-15 10:47 . 2007-03-15 10:47 53760 c:\windows\system32\BuEResNT.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 63384 c:\windows\Installer\{ED0FF410-41B9-441F-B457-4AC81782E8BF}\WCShortcut_C584A195554E46CA990D5552346B3A72.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 75672 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\SnapShotShortcut_7195F4632B3F4B8A996B4018DDC42082.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 47000 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\PointerShortcut_700484D21AC24040A654BEEC1C62FCA6.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 71576 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\DCShortcut_A5A5D37B0F5E4E3EB85FA8912ABBC76D.exe
+ 2011-11-10 08:13 . 2011-11-10 08:13 59288 c:\windows\Installer\{65F93E53-1BF8-42CC-B34E-ADE8F38A5DDD}\ARPPRODUCTICON.exe
+ 2011-11-10 08:04 . 2011-07-13 20:17 9712 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\hidkmdf.sys
- 2011-06-09 06:04 . 2011-01-25 16:15 9712 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\hidkmdf.sys
+ 2011-11-10 08:01 . 2011-11-10 08:01 469416 c:\windows\WinSxS\x86_smarttech.ziparchive.vc100.3.1_9ca15c999435ee05_1.0.1.0_x-ww_dc59ac78\ZipArchive.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 235424 c:\windows\WinSxS\x86_smarttech.ssce.vc60.5.16_9ca15c999435ee05_1.0.1.0_x-ww_4e2de1b2\ssce5532.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 363936 c:\windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtXml4.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 948128 c:\windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtNetwork4.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 197544 c:\windows\WinSxS\x86_smarttech.openssl.vc100.0.9.8_9ca15c999435ee05_1.0.1.0_x-ww_1f2c1caa\ssleay32-vc100-0_9_8i.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 216480 c:\windows\WinSxS\x86_smarttech.openssl.0.9.8_9ca15c999435ee05_1.0.1.0_x-ww_d56396d4\SSLeay32.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 771488 c:\windows\WinSxS\x86_smarttech.ms.vc100.crt_9ca15c999435ee05_1.0.1.0_x-ww_8798010c\msvcr100.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 422304 c:\windows\WinSxS\x86_smarttech.ms.vc100.crt_9ca15c999435ee05_1.0.1.0_x-ww_8798010c\msvcp100.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 354208 c:\windows\WinSxS\x86_smarttech.js.vc70.1.8_9ca15c999435ee05_1.0.1.0_x-ww_72ec9bd3\MSVCR71.DLL
+ 2011-11-10 08:01 . 2011-11-10 08:01 915360 c:\windows\WinSxS\x86_smarttech.icu.vc100.3.8_9ca15c999435ee05_1.0.1.0_x-ww_a4a09a3b\icuuc38.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 909216 c:\windows\WinSxS\x86_smarttech.icu.vc100.3.8_9ca15c999435ee05_1.0.1.0_x-ww_a4a09a3b\icuin38.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 358816 c:\windows\WinSxS\x86_smarttech.glew.vc100.1.5_9ca15c999435ee05_1.0.1.0_x-ww_58e13850\glew-vc100-mt-1.5.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 398240 c:\windows\WinSxS\x86_smarttech.ftgl.vc100.2.1_9ca15c999435ee05_1.0.1.0_x-ww_41228489\ftgl-vc100-mt-2.1.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 524712 c:\windows\WinSxS\x86_smarttech.boostregex.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_b573fc23\boost_regex-vc100-mt-1_44.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 145328 c:\windows\WinSxS\x86_smarttech.boostfilesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_63375869\boost_filesystem-vc100-mt-1_44.dll
- 2008-03-13 21:53 . 2008-03-13 21:53 221184 c:\windows\system32\Tiff32.dll
+ 2008-03-13 22:53 . 2008-03-13 22:53 221184 c:\windows\system32\TIFF32.DLL
- 2008-03-13 21:53 . 2008-03-13 21:53 221184 c:\windows\system32\spool\drivers\w32x86\Tiff32.dll
+ 2008-03-13 22:53 . 2008-03-13 22:53 221184 c:\windows\system32\spool\drivers\w32x86\TIFF32.DLL
- 2008-03-13 21:53 . 2008-03-13 21:53 110592 c:\windows\system32\spool\drivers\w32x86\JPeg32.dll
+ 2008-03-13 22:53 . 2008-03-13 22:53 110592 c:\windows\system32\spool\drivers\w32x86\JPEG32.DLL
+ 2007-03-14 03:06 . 2007-03-14 03:06 178176 c:\windows\system32\spool\drivers\w32x86\BuEUifNT.dll
- 2007-03-14 02:06 . 2007-03-14 02:06 178176 c:\windows\system32\spool\drivers\w32x86\BuEUifNT.dll
- 2008-03-13 21:53 . 2008-03-13 21:53 221184 c:\windows\system32\spool\drivers\w32x86\2\Tiff32.dll
+ 2008-03-13 22:53 . 2008-03-13 22:53 221184 c:\windows\system32\spool\drivers\w32x86\2\TIFF32.DLL
- 2008-03-13 21:53 . 2008-03-13 21:53 110592 c:\windows\system32\spool\drivers\w32x86\2\JPeg32.dll
+ 2008-03-13 22:53 . 2008-03-13 22:53 110592 c:\windows\system32\spool\drivers\w32x86\2\JPEG32.DLL
+ 2007-03-14 03:06 . 2007-03-14 03:06 178176 c:\windows\system32\spool\drivers\w32x86\2\BuEUifNT.dll
- 2007-03-14 02:06 . 2007-03-14 02:06 178176 c:\windows\system32\spool\drivers\w32x86\2\BuEUifNT.dll
+ 2011-07-13 20:14 . 2011-07-13 20:14 329072 c:\windows\system32\Smart Bulb Saver.scr
+ 2008-03-13 22:53 . 2008-03-13 22:53 110592 c:\windows\system32\JPEG32.DLL
- 2008-03-13 21:53 . 2008-03-13 21:53 110592 c:\windows\system32\JPeg32.dll
- 2008-12-23 02:43 . 2011-10-15 15:03 317152 c:\windows\system32\FNTCACHE.DAT
+ 2008-12-23 02:43 . 2011-11-10 21:26 317152 c:\windows\system32\FNTCACHE.DAT
+ 2011-11-10 08:04 . 2011-07-13 20:17 131440 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\NWTransLibLR.sys
- 2011-06-09 06:04 . 2011-01-25 16:15 131440 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\NWTransLibLR.sys
+ 2007-03-14 02:58 . 2007-03-14 02:58 245760 c:\windows\system32\BuERmvNT.dll
- 2007-03-14 01:58 . 2007-03-14 01:58 245760 c:\windows\system32\BuERmvNT.dll
+ 2007-03-14 03:06 . 2007-03-14 03:06 222208 c:\windows\system32\BuEMonNT.dll
- 2007-03-14 02:06 . 2007-03-14 02:06 222208 c:\windows\system32\BuEMonNT.dll
+ 2007-03-14 03:06 . 2007-03-14 03:06 143360 c:\windows\system32\BuEAppNT.exe
- 2007-03-14 02:06 . 2007-03-14 02:06 143360 c:\windows\system32\BuEAppNT.exe
- 2007-02-21 10:17 . 2007-02-21 10:17 225280 c:\windows\system32\BiImgUser.dll
+ 2007-02-21 11:17 . 2007-02-21 11:17 225280 c:\windows\system32\BiImgUser.dll
+ 2011-11-10 08:13 . 2011-11-10 08:13 657920 c:\windows\Installer\8a896.msi
+ 2011-11-10 08:12 . 2011-11-10 08:12 411544 c:\windows\Installer\{ED0FF410-41B9-441F-B457-4AC81782E8BF}\ProgramGroupShortc_CADC6125E7B9450EB1F28DB23A9A66FB.exe
+ 2011-11-10 08:12 . 2011-11-10 08:12 411544 c:\windows\Installer\{ED0FF410-41B9-441F-B457-4AC81782E8BF}\DeskTopShortcut_D7119F716C41415F8974B79B252BB608.exe
+ 2011-11-10 08:12 . 2011-11-10 08:12 411544 c:\windows\Installer\{ED0FF410-41B9-441F-B457-4AC81782E8BF}\BridgitShortcut_FA4C725DA7B14090AF4B33F3AE468C49.exe
+ 2011-11-10 08:12 . 2011-11-10 08:12 411544 c:\windows\Installer\{ED0FF410-41B9-441F-B457-4AC81782E8BF}\ARPPRODUCTICON.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\VideoPlyerShortcut_073B17DB79834D7BB9CF2D04D969210C.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\SpotlightShortcut_F2F4CFC9AFDD4662AEECD5B988EF878F.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\ScreenShadeShortcu_A2C3CEC4270B403D8881B1DFA451D575.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\SBT_Shortcut_54C96668BC584D59B632C32F566397E1.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\RecorderShortcut_F4692AD7CADD4B6AB1802D2E03F199E9.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\OrientShortcut_65D3985178EF461395C54B015645289D.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\MagnifierShortcut_E067F5D1E4DF408F9AEF6AD5CEB542ED.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\CPShortcut_95A2066DFEA54BF38E6201A16A51B2AC.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\BridgitShortcut_84DF25D161BE4BCD8495492D33C3F60D.exe
+ 2011-11-10 08:04 . 2011-11-10 08:04 411544 c:\windows\Installer\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}\ARPPRODUCTICON.exe
+ 2011-11-10 08:01 . 2011-11-10 08:01 411544 c:\windows\Installer\{0E5DD7A3-BE29-430C-970B-C553F4A58C39}\SPUShortcut_D12A8EC24A2F429DA7DE0D66BF170728.exe
+ 2011-11-10 08:12 . 2011-11-10 08:12 2364840 c:\windows\WinSxS\x86_smarttech.xqilla.vc100.1.1_9ca15c999435ee05_1.0.1.0_x-ww_115db9e6\xqilla-vc100-1_0.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 1911720 c:\windows\WinSxS\x86_smarttech.xerces.vc100.2.8b_9ca15c999435ee05_1.0.1.0_x-ww_d34bb9ed\xercesc-vc100-2_8.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 2848680 c:\windows\WinSxS\x86_smarttech.xalan.vc100.1.10b_9ca15c999435ee05_1.0.1.0_x-ww_eda42499\xalanc-vc100-1_10.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 2310056 c:\windows\WinSxS\x86_smarttech.redland.vc100.1.0_9ca15c999435ee05_1.0.1.0_x-ww_77050792\redland-vc100-1_0_9.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 8266656 c:\windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtGui4.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 2296736 c:\windows\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtCore4.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 1019816 c:\windows\WinSxS\x86_smarttech.openssl.vc100.0.9.8_9ca15c999435ee05_1.0.1.0_x-ww_1f2c1caa\libeay32-vc100-0_9_8i.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 1034656 c:\windows\WinSxS\x86_smarttech.openssl.0.9.8_9ca15c999435ee05_1.0.1.0_x-ww_d56396d4\Libeay32.dll
+ 2011-11-10 08:01 . 2011-11-10 08:01 4367264 c:\windows\WinSxS\x86_smarttech.ms.mfc.vc100_9ca15c999435ee05_1.0.1.0_x-ww_7a516011\mfc100u.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 1030048 c:\windows\WinSxS\x86_smarttech.js.vc70.1.8_9ca15c999435ee05_1.0.1.0_x-ww_72ec9bd3\js32.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 2362280 c:\windows\WinSxS\x86_smarttech.FreeImage.vc100.3.14_9ca15c999435ee05_1.0.1.0_x-ww_4ee64e80\FreeImage-vc100-mt-3.14.dll
+ 2011-11-10 08:04 . 2011-06-16 19:00 1461992 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\WdfCoInstaller01009.dll
- 2011-06-09 06:04 . 2011-01-25 15:46 1461992 c:\windows\system32\DRVSTORE\smartlowri_360AF12BA550DABF74159B21B318F61109C265F2\i386\WdfCoInstaller01009.dll
+ 2011-11-10 08:04 . 2011-11-10 08:04 9166336 c:\windows\Installer\89eeb.msi
+ 2011-11-10 08:01 . 2011-11-10 08:01 1630720 c:\windows\Installer\89b2b.msi
+ 2011-11-10 08:01 . 2011-11-10 08:01 11184032 c:\windows\WinSxS\x86_smarttech.icu.vc100.3.8_9ca15c999435ee05_1.0.1.0_x-ww_a4a09a3b\icudt38.dll
+ 2011-11-10 08:12 . 2011-11-10 08:12 12833280 c:\windows\Installer\8a890.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 14:04 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PrtScr by FireStarter"="c:\program files\PrtScr\PrtScr.exe" [2008-03-19 1375744]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2008\MemOptimizer.exe" [2008-07-01 148480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2008-05-12 318488]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2011-02-10 1871872]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2008-05-14 61440]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-10-07 2171904]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-06-13 73728]
"WrtMon.exe"="c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
"WheelMouse"="c:\advanc~1\wh_exec.exe" [2008-10-08 147456]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2011-02-23 3451496]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]
"VX1000"="c:\windows\vVX1000.exe" [2006-10-13 707376]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296]
"HPUsageTrackingLEDM"="c:\program files\HP\HP UT LEDM\bin\hppusg.exe" [2009-08-04 30264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-22 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-22 137752]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2010-12-03 141368]
"SMART Board Tools"="c:\program files\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
.
c:\documents and settings\Jirka\Nabídka Start\Programy\Po spuštění\
Kooperativa - PDF Server.lnk - c:\program files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe [2011-1-19 2499072]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-6 561213]
Spb Backup Sync.lnk - c:\program files\Spb Backup\SpbBackupSync.exe [2010-11-17 430080]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2007-06-08 08:04 49152 ----a-r- c:\windows\system32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Kooperativa\\KalkZiv\\Kalk_ziv.exe"=
"c:\\Cibis\\CibisWebStandalone\\programs\\jdk1.5.0_11\\bin\\java.exe"=
"c:\\WINDOWS\\system32\\CNAC3RPK.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"$INSTDIR\\FlvDetector.exe"= c:\\Program Files\\FlashGet Network\\FlashGet 3\\FlvDetector.exe
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Documents and Settings\\Jirka\\Plocha\\Counter-Strike 1.6 + Half-Life\\hl.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Documents and Settings\\Jirka\\Plocha\\Přehrávač\\vlc-1.0.3\\vlc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCGui.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\SMARTSNMPAgent.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\UCService.exe"=
"c:\\Program Files\\SMART Technologies\\Education Software\\VantageService.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [6.4.2011 11:04 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.2.2009 18:53 301528]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [23.12.2008 21:31 142592]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 9:28 73728]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.2.2009 18:53 19544]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [15.1.2011 21:50 21992]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 MSSQL$EWAYSQL;SQL Server (EWAYSQL);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10.12.2010 17:29 29293408]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 3:09 50704]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [23.12.2008 3:49 576024]
R2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\Education Software\UCService.exe [13.7.2011 21:14 311664]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [23.12.2008 3:59 193840]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [25.1.2007 16:45 6784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [24.6.2009 10:57 136704]
S2 KoopPdfService;KoopPdfService;c:\program files\Kooperativa\Services\KoopPDFServer.exe [6.4.2010 10:29 450560]
S3 DAMDrv;DAMDrv;c:\windows\system32\drivers\DAMDrv.sys [23.12.2008 3:44 30008]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [8.6.2007 9:06 172131]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [22.1.2011 17:04 36608]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [28.1.2011 14:30 17408]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [16.12.2009 21:56 47360]
S3 whmice2k;Advanced Wheel Mouse Upper Filter Driver;c:\windows\system32\drivers\whmice2k.sys [26.4.2004 8:38 6885]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [22.7.2010 20:44 136176]
S4 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [22.7.2010 20:44 136176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-04-16 10:07 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-10 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]
.
2011-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-22 19:44]
.
2011-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-22 19:44]
.
2011-11-10 c:\windows\Tasks\User_Feed_Synchronization-{E3430533-6183-4872-9962-2615D3124D1E}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://idnes.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\PC Translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\PC Translat\WEBIE.DLL
Trusted Zone: cpp.cz\sus
Trusted Zone: mpss.cz\portal
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} - hxxps://vpngw1.allianz.cz/+CSCOL+/csvrloader32.cab
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\92p8gp1v.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.idnes.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 300
FF - user.js: content.notify.interval - 100000
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.switch.threshold - 650000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-11 00:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe???????????????????????|?M?|?????M?|??@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1120)
c:\windows\system32\DeviceNP.dll
.
- - - - - - - > 'explorer.exe'(428)
c:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\windows\system32\btmmhook.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-11-11 00:14:02
ComboFix-quarantined-files.txt 2011-11-10 23:13
ComboFix2.txt 2011-11-09 20:47
.
Před spuštěním: Volných bajtů: 33 103 749 120
Po spuštění: Volných bajtů: 33 105 088 512
.
- - End Of File - - 0DB590831361907B65DCCC559C154BAC

[Roli]

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.

[pstreda]

Zdá se, že notebook ztichl a běží zase normálně, tzn. zvýšený chod větráku se koná pouze při zvýšení výkonu a při běhu náročnějších aplikací.

Děkuji za pomoc

[Roli]

Není zač.