Please check my log

jardinero
Visitor
Posts: 4
Registered: 10 Jan 2011 19:42

#1 Post by jardinero »

Good evening,
please check my log; I accidentally posted it in the upper section.. :oops:
Thank you very much

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubajs at 2011-01-10 19:39:38
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (8%) free of 191 GB
Total RAM: 2047 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:46, on 10.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS1\System32\smss.exe
C:\WINDOWS1\system32\winlogon.exe
C:\WINDOWS1\system32\services.exe
C:\WINDOWS1\system32\lsass.exe
C:\WINDOWS1\system32\svchost.exe
C:\WINDOWS1\System32\svchost.exe
C:\WINDOWS1\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS1\Explorer.EXE
C:\WINDOWS1\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS1\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS1\system32\CTHELPER.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS1\system32\rundll32.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\PROGRA~2\AVG\AVG9\avgtray.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\PROGRA~2\MICROS~4\rapimgr.exe
C:\WINDOWS1\system32\ctfmon.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bluetooth Software\BTTray.exe
C:\Program Files\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS1\system32\CTsvcCDA.exe
C:\WINDOWS1\system32\FsUsbExService.Exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS1\system32\nvsvc32.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Transoft Solutions\License Server\TransoftLS.exe
C:\WINDOWS1\system32\MsPMSPSv.exe
C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS1\system32\wbem\wmiapsrv.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd 7.04\TOTALCMD.EXE
c:\DC\RSIT.exe
C:\Program Files\trend micro\Kubajs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
R3 - URLSearchHook: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - C:\WINDOWS1\winxml2a.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: D - {D23C6D0E-9A1E-3801-8228-6A9C4967A987} - C:\WINDOWS1\system32\xwr61816.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS1\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS1\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS1\UpdReg.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS1\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [TViXNetShare] C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS1\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~2\MICROS~4\INetRepl.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS1\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8041D8AF-9966-4517-B07D-5FE650DF7723}: NameServer = 10.11.0.251,10.11.1.101
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = brevnov.czf,czf
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS1\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS1\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS1\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS1\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c98f8165f2db53) (gupdate1c98f8165f2db53) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS1\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Transoft Solutions License Server V1.6 - Unknown owner - C:\Program Files\Transoft Solutions\License Server\TransoftLS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS1\system32\ZoneLabs\vsmon.exe

--
End of file - 14338 bytes

======Scheduled tasks folder======

C:\WINDOWS1\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS1\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-16 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{314A5833-8490-4a3b-904A-110444F25E50}]
WINXML2 Class - C:\WINDOWS1\winxml2a.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-24 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]
ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D23C6D0E-9A1E-3801-8228-6A9C4967A987}]
D - C:\WINDOWS1\system32\xwr61816.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - ZoneAlarm Spy Blocker Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-10-16 333192]
{66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - ZoneAlarm Toolbar - C:\Program Files\ZoneAlarm\tbZone.dll [2010-05-09 2517088]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-05-26 591336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS1\system32\NvCpl.dll [2005-07-20 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS1\system32\NvMcTray.dll [2005-07-20 86016]
"CTSysVol"=C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe [2003-09-17 57344]
"CTDVDDET"=C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE [2003-06-18 45056]
"CTHelper"=C:\WINDOWS1\system32\CTHELPER.EXE [2003-10-06 24576]
"SBDrvDet"=C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe [2002-12-03 45056]
"UpdReg"=C:\WINDOWS1\UpdReg.EXE [2000-05-11 90112]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"Acronis True Image Monitor"=C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe [2008-05-22 475990]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2008-05-22 65536]
"NeroFilterCheck"=C:\WINDOWS1\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2007-08-07 200704]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2010-11-24 2069344]
"NPSStartup"= []
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-23 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-05-26 730600]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteCenter"=C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [2003-10-08 139264]
"Start WingMan Profiler"= []
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe -NoStart []
"TViXNetShare"=C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe [2008-02-14 858624]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-12-22 106952]
"ctfmon.exe"=C:\WINDOWS1\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users.WINDOWS1\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
BTTray.lnk - C:\Program Files\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS1\system32\avgrsstx.dll [2010-07-18 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS1\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Autodesk\Backburner\monitor.exe"="C:\Program Files\Autodesk\Backburner\monitor.exe:*:Enabled:backburner 2.3 monitor"
"C:\Program Files\Autodesk\Backburner\manager.exe"="C:\Program Files\Autodesk\Backburner\manager.exe:*:Enabled:backburner 2.3 manager"
"C:\Program Files\Autodesk\Backburner\server.exe"="C:\Program Files\Autodesk\Backburner\server.exe:*:Enabled:backburner 2.3 server"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe"="C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe:*:Enabled:TViXNetShare"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\WINDOWS1\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS1\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - "C:\WINDOWS1\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-01-10 19:39:38 ----D---- C:\rsit
2011-01-10 19:39:38 ----D---- C:\Program Files\trend micro
2011-01-10 17:19:42 ----SHD---- C:\Config.Msi
2011-01-09 19:50:34 ----A---- C:\WINDOWS1\system32\msonpmon.dll
2011-01-09 19:43:21 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\Microsoft Help
2011-01-05 18:42:11 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\pdf995
2011-01-05 18:42:11 ----A---- C:\WINDOWS1\pdf995.ini
2011-01-05 18:33:36 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\pdf995
2011-01-05 18:33:36 ----A---- C:\WINDOWS1\system32\pdfmona.dll
2011-01-05 18:33:36 ----A---- C:\WINDOWS1\system32\pdf995mon.dll
2011-01-05 18:33:35 ----D---- C:\Program Files\pdf995
2010-12-26 21:53:47 ----A---- C:\WINDOWS1\system32\javaws.exe
2010-12-26 21:53:47 ----A---- C:\WINDOWS1\system32\javaw.exe
2010-12-26 21:53:47 ----A---- C:\WINDOWS1\system32\java.exe

======List of files/folders modified in the last 1 months======

2011-01-10 19:39:47 ----D---- C:\WINDOWS1\Prefetch
2011-01-10 19:39:40 ----D---- C:\WINDOWS1\Internet Logs
2011-01-10 19:39:38 ----RD---- C:\Program Files
2011-01-10 19:39:16 ----A---- C:\WINDOWS1\wincmd.ini
2011-01-10 19:39:07 ----D---- C:\DC
2011-01-10 18:58:00 ----D---- C:\WINDOWS1\Temp
2011-01-10 17:25:18 ----D---- C:\Dokumenty
2011-01-10 17:24:55 ----SHD---- C:\WINDOWS1\Installer
2011-01-10 17:22:52 ----RSD---- C:\WINDOWS1\assembly
2011-01-10 17:22:36 ----SD---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\Microsoft
2011-01-10 17:22:36 ----D---- C:\Program Files\Microsoft Office
2011-01-10 17:22:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-10 17:22:35 ----D---- C:\Program Files\Microsoft.NET
2011-01-10 17:22:20 ----D---- C:\WINDOWS1\ShellNew
2011-01-10 17:21:34 ----D---- C:\Program Files\MSBuild
2011-01-10 17:21:18 ----RSD---- C:\WINDOWS1\Fonts
2011-01-10 17:21:17 ----D---- C:\WINDOWS1\system32
2011-01-10 17:20:01 ----D---- C:\Program Files\Common Files\System
2011-01-10 17:19:57 ----A---- C:\WINDOWS1\win.ini
2011-01-10 17:18:34 ----HD---- C:\WINDOWS1\inf
2011-01-10 17:04:26 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\uTorrent
2011-01-10 16:24:15 ----D---- C:\WINDOWS1\system32\drivers\Avg
2011-01-10 16:18:13 ----D---- C:\WINDOWS1
2011-01-10 16:17:44 ----D---- C:\WINDOWS1\system32\CatRoot2
2011-01-10 16:16:35 ----A---- C:\WINDOWS1\SchedLgU.Txt
2011-01-09 20:01:14 ----SD---- C:\Documents and Settings\Kubajs\Data aplikací\Microsoft
2011-01-09 19:50:15 ----D---- C:\WINDOWS1\system32\config
2011-01-04 19:27:08 ----A---- C:\WINDOWS1\NeroDigital.ini
2010-12-26 21:53:45 ----D---- C:\Program Files\Java
2010-12-19 23:38:43 ----D---- C:\Program Files\uTorrent
2010-12-19 20:05:07 ----D---- C:\Documents and Settings\Kubajs\Data aplikací\Adobe
2010-12-19 19:38:31 ----D---- C:\Documents and Settings\All Users.WINDOWS1\Data aplikací\Adobe
2010-12-17 17:13:54 ----D---- C:\Program Files\Opera
2010-12-13 17:06:16 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS1\system32\drivers\btkrnl.sys [2003-10-15 1257418]
R0 d347bus;d347bus; C:\WINDOWS1\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS1\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS1\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 giveio;giveio; C:\WINDOWS1\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS1\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS1\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS1\system32\DRIVERS\snapman.sys [2008-05-22 78752]
R0 timounter;Acronis TrueImage Backup Archive Explorer; C:\WINDOWS1\system32\DRIVERS\timntr.sys [2008-05-22 202528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS1\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Asapi;Asapi; C:\WINDOWS1\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS1\System32\Drivers\avgldx86.sys [2010-07-18 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS1\System32\Drivers\avgmfx86.sys [2010-06-02 29584]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS1\System32\Drivers\avgtdix.sys [2010-07-18 243024]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS1\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS1\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 StarOpen;StarOpen; C:\WINDOWS1\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 vsdatant;vsdatant; C:\WINDOWS1\System32\vsdatant.sys [2010-05-13 532224]
R2 ASPI32;ASPI32; C:\WINDOWS1\system32\drivers\ASPI32.sys [2002-07-17 16877]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS1\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS1\system32\drivers\btslbcsp.sys []
R2 HPFECP13;HPFECP13; C:\WINDOWS1\System32\drivers\HPFECP13.SYS [1998-09-25 52800]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 PfDetNT;PfDetNT; \??\C:\WINDOWS1\system32\drivers\PfModNT.sys []
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS1\system32\DRIVERS\tifsfilt.sys [2008-05-22 28064]
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS1\SYSTEM32\DRIVERS\WibuKey.sys [2007-08-21 72704]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS1\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 btaudio;Bluetooth Audio; C:\WINDOWS1\system32\drivers\btaudio.sys [2003-10-15 21861]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS1\system32\DRIVERS\btport.sys [2003-10-15 30235]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS1\system32\DRIVERS\btwdndis.sys [2003-10-15 146812]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS1\system32\drivers\ctac32k.sys [2003-11-05 645392]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS1\system32\drivers\ctaud2k.sys [2003-11-19 366160]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS1\system32\drivers\ctprxy2k.sys [2003-10-08 6096]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS1\system32\drivers\ctsfm2k.sys [2003-10-08 130288]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS1\system32\drivers\emupia2k.sys [2003-10-13 145488]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS1\system32\FsUsbExDisk.SYS []
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS1\system32\drivers\ha10kx2k.sys [2003-10-21 904496]
R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS1\system32\drivers\hap16v2k.sys [2003-10-21 148432]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS1\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS1\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS1\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS1\system32\DRIVERS\nv4_mini.sys [2005-07-20 3198368]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS1\system32\drivers\ctoss2k.sys [2003-10-08 178672]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS1\System32\Drivers\Pcouffin.sys [2010-07-29 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS1\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS1\system32\DRIVERS\Rtlnicxp.sys [2004-10-15 71168]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS1\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS1\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS1\system32\drivers\WmFilter.sys [2009-09-11 35592]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS1\system32\drivers\WmHidLo.sys [2009-09-11 31752]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS1\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS1\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S0 srescan;srescan; C:\WINDOWS1\system32\ZoneLabs\srescan.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS1\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS1\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS1\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS1\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 btwhid;btwhid; C:\WINDOWS1\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;USB Bluetooth Driver; C:\WINDOWS1\System32\Drivers\btwusb.sys [2003-10-15 51848]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS1\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS1\system32\drivers\ctdvda2k.sys [2003-10-14 332800]
S3 HCF_MSFT;HCF_MSFT; C:\WINDOWS1\system32\DRIVERS\HCF_MSFT.sys [2001-10-24 907456]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS1\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS1\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS1\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS1\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS1\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS1\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS1\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RivaTunerEx;RivaTunerEx; \??\C:\Program Files\RivaTuner v2.0 RC 15.5\RivaTunerEx.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS1\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS1\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS1\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS1\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS1\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS1\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbser;USB Modem Driver; C:\WINDOWS1\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS1\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS1\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS1\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS1\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS1\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS1\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-05-22 114688]
R2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe [2008-10-16 464264]
R2 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-05 85096]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-18 308136]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\Bluetooth Software\bin\btwdins.exe [2003-10-15 135168]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS1\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS1\system32\FsUsbExService.Exe [2009-12-22 238040]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 MSSQL$TRANSOFT;SQL Server (TRANSOFT); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
R2 NVSvc;WinFast(R) Display Driver Service; C:\WINDOWS1\system32\nvsvc32.exe [2005-07-20 127043]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 Transoft Solutions License Server V1.6;Transoft Solutions License Server V1.6; C:\Program Files\Transoft Solutions\License Server\TransoftLS.exe [2009-07-01 376832]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS1\system32\ZoneLabs\vsmon.exe [2010-06-23 2435592]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS1\system32\MsPMSPSv.exe [2000-06-26 53520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS1\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S2 gupdate1c98f8165f2db53;Google Update Service (gupdate1c98f8165f2db53); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-15 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS1\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-31 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS1\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

eda
VIP
Posts: 576
Registered: 24 Aug 2006 10:35
Location: Kroměříž

Re: Please check my log

#2 Post by eda »

Good morning.

1) Run this program: C:\Program Files\trend micro\Kubajs.exe
HijackThis will pop up. Click Do a system scan and save a logfile. A log will pop up in a text editor. Close it, and in HJT itself tick the boxes next to these items, then click Fix Checked:

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - C:\WINDOWS1\winxml2a.dll (file missing)
O2 - BHO: D - {D23C6D0E-9A1E-3801-8228-6A9C4967A987} - C:\WINDOWS1\system32\xwr61816.dll (file missing)
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)


In HijackThis: Main Menu - Open the Misc Tools Section - Delete an NT service, paste ASKService into the window and confirm.

Uninstall this program: C:\Program Files\AskBarDis

Then restart the computer, click MBAM in my signature and run a scan. Paste the MBAM log here.
If you like me, you can contact me at eda@forum.viry.cz :-)
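
Added example, not part of the original post: a short Python triage of the seven HijackThis entries listed in the reply above. It separates registrations whose file no longer exists from files that are registered under more than one display name. The function names and the grouping rule are assumptions made for this illustration; the line layout is taken from the entries on this page.

```python
import re
from collections import defaultdict

# The seven entries quoted in the reply above, embedded so the block runs offline.
SAMPLE = r"""
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WINXML2 Class - {314A5833-8490-4a3b-904A-110444F25E50} - C:\WINDOWS1\winxml2a.dll (file missing)
O2 - BHO: D - {D23C6D0E-9A1E-3801-8228-6A9C4967A987} - C:\WINDOWS1\system32\xwr61816.dll (file missing)
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<kind>[^:]+): (?P<rest>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN = re.compile(r"\s*\((?:file missing|no file)\)\s*$")


def parse_entry(line):
    """Split one HijackThis line into code, kind, name, CLSID, target, orphan flag."""
    m = ENTRY.match(line.strip())
    if not m:
        return None
    rest = m.group("rest")
    orphan = ORPHAN.search(rest) is not None
    fields = [f.strip() for f in ORPHAN.sub("", rest).split(" - ")]
    clsid = CLSID.search(rest)
    return {
        "code": m.group("code"),
        "kind": m.group("kind"),
        "name": fields[0],
        "clsid": clsid.group(0).upper() if clsid else None,
        # Only treat the last field as a file when it looks like a path.
        "target": fields[-1] if "\\" in fields[-1] else None,
        "orphan": orphan,
    }


def triage(text):
    """Return (entries, orphaned entries, files loaded under several names)."""
    entries = [e for e in map(parse_entry, text.splitlines()) if e]
    orphaned = [e for e in entries if e["orphan"]]
    names_by_file = defaultdict(set)
    for e in entries:
        if e["target"] and not e["orphan"]:
            names_by_file[e["target"].lower()].add(e["name"])
    shared = {f: sorted(n) for f, n in names_by_file.items() if len(n) > 1}
    return entries, orphaned, shared


if __name__ == "__main__":
    entries, orphaned, shared = triage(SAMPLE)
    print(f"{len(entries)} entries, {len(orphaned)} point at nothing on disk")
    for path, names in shared.items():
        print(f"{path} is registered as: {', '.join(names)}")
```

On these entries the grouping shows that the toolbar labelled "ZoneAlarm Spy Blocker Toolbar" loads the same askBar.dll as the AskBar BHO, while the remaining five entries reference files that are no longer on disk.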

jardinero
Visitor
Posts: 4
Registered: 10 Jan 2011 19:42

Re: Please check my log

#3 Post by jardinero »

Hello,

the first time I ran MBAM it found 21 malicious items in total, 3 of which were already ticked, and I deleted those; after a restart I made this new log.
Thanks so far.


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5504

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

11.1.2011 18:04:37
mbam-log-2011-01-11 (18-04-28).txt

Typ kontroly: Rychlý test
Testované objekty: 205840
Uplynulý čas: 7 minut, 41 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 6
Infikované hodnoty v registru: 6
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 3

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\PDFFORGE TOOLBAR\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\PDFFORGE TOOLBAR\SEARCHSETTINGS.DLL (PUP.Dealio) -> Value: SEARCHSETTINGS.DLL -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Value: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\pdfforge toolbar\searchsettings.exe (PUP.Dealio) -> No action taken.
c:\program files\pdfforge toolbar\pdfforgetoolbarie.dll (PUP.Dealio) -> No action taken.
c:\program files\pdfforge toolbar\searchsettings.dll (PUP.Dealio) -> No action taken.

eda
VIP
Posts: 576
Registered: 24 Aug 2006 10:35
Location: Kroměříž

Re: Please check my log

#4 Post by eda »

You can delete it.

If you don't use them, you can uninstall the unnecessary toolbars.

jardinero
Visitor
Posts: 4
Registered: 10 Jan 2011 19:42

Re: Please check my log

#5 Post by jardinero »

Thank you, but I'm not sure I understand this correctly: when MBAM itself ticks files for removal, I can delete them, but then it also says that other items are infected, and those are not ticked automatically. Can I select them (infected registry keys or values) and delete them?
Thank you very much

eda
VIP
Posts: 576
Registered: 24 Aug 2006 10:35
Location: Kroměříž

Re: Please check my log

#6 Post by eda »

Everything MBAM finds, it removes itself. The log shows that what it mainly dislikes is this: c:\program files\pdfforge toolbar.

It paranoidly flags it as malicious. It isn't really malicious, just advertising and a nuisance. MBAM found nothing else. The computer should be clean. You can let MBAM delete what it found.
