PC-HELP.CZ

6 minut mi trvá načtení systému, prosím o kontrolu

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:57:26, on 16.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\ConMet\ConMet.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.atlas.cz/?from=icqhp
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [AdVantage Setup] C:\WINDOWS\Installer\MSI16.tmp
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7437555218
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6856779218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8139608121
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA296C35-9602-496E-B75A-7D30844FCA9C}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 10573 bytes

//Opravil sem ti pravopisnou chybu v názvu. Sorry, ale hrozně to bije do očí.
//Rewqa

Fix v HJT:

Nic závadného.
vyčisti systém CCleanerem
a RegCleanerem
Aktualizuj javu:
Java SE Runtime Environment 6u10

Vyber OS ( předpokládám Windows), zatržítko agree-continue
Vyber:
Windows Offline Installation
jre-6u10-windows-i586-p.exe
Ostatní javy odeber v přidat/odebrat programy.

Defragmentuj HDD.

Vše provedeno akorát po analýze defragmentece píše že svazek není potřeba defragmentovat.
Restart stále pomalí



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:42:10, on 17.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\tsnpstd3.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ConMet\ConMet.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.atlas.cz/?from=icqhp
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQToolbar\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7437555218
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6856779218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8139608121
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA296C35-9602-496E-B75A-7D30844FCA9C}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 10973 bytes

Java aktualizovaná není...
Stáhni si SDFix
- Spusť ho a rozbalí se ti na disk kde je nainstalovaný Windows (typicky to je C:\SDfix)
- Pak restartuj PC do nouzového režimu (zvol možnost: Stav nouze, ne Stav nouze s práci v síti)
- Otevři adresář kde je vybalený SDFix a spusť soubor RunThis.bat tím spustíš program.
* Pak stiskni klávesu Y a pak Enter pro zahájení čistícího procesu.
* Pro dokončení kontroly budeš vyzván ke stisknutí libovolné klávesy a počítač se restartuje.
* Při nabíhání operačního systému se program spustí znovu a dokončí čistící proces. Až se objeví Finish, budeš muset po vyzvání stisknout libovolnou klávesu, tim se ukončí program a zobrazí se ti ikony na ploše
- Když se skončí načítání ikon na ploše, otevře se ti na obrazovce log z SDFix a zároveň ho uloží do adresáře kde je rozbalený SDFix jako soubor Report.txt
Pak sem zkopíruj jeho obsah + nový log z HJT+ mrkni se jestli ti pod Startem nechybí nějaké ikony, zobrazují se ti disky pod Tento počítač....

Po restartu SDFix píše Systém nemůže najít uvedený soubor. Pořád to hledá ale nic se neděje

Vypni rez. ochranu AVG.
Stáhni si ComboFix (by sUBs)

a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

ComboFix 08-11-16.05 - Petr 2008-11-17 17:28:28.5 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1498 [GMT 1:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-10-17 do 2008-11-17 )))))))))))))))))))))))))))))))
.

2008-11-17 15:51 . 2008-11-17 15:51 <DIR> d-------- c:\windows\ERUNT
2008-11-17 15:47 . 2008-11-17 17:22 <DIR> d-------- C:\SDFix
2008-11-17 13:04 . 2008-11-17 13:04 <DIR> d-------- c:\program files\Java
2008-11-17 13:04 . 2008-11-17 13:04 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-17 13:04 . 2008-11-17 13:04 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-17 00:21 . 2008-11-17 00:21 <DIR> d-------- c:\program files\ICQToolbar
2008-11-17 00:19 . 2008-11-17 00:22 <DIR> d-------- c:\program files\ICQ6
2008-11-16 18:37 . 2008-08-14 14:26 2,191,360 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-16 18:37 . 2008-08-14 14:26 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-16 18:37 . 2008-08-14 14:26 2,068,224 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-16 18:37 . 2008-08-14 14:26 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-16 18:37 . 2007-03-08 06:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-16 18:37 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-16 18:35 . 2008-06-14 18:35 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-16 18:33 . 2008-07-18 22:10 45,768 --a------ c:\windows\system32\wups2.dll
2008-11-16 09:12 . 2008-04-14 07:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2008-11-15 23:35 . 2001-10-25 13:00 1,875,968 --a--c--- c:\windows\system32\dllcache\msir3jp.lex
2008-11-15 23:34 . 2008-04-14 07:46 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll
2008-11-15 23:33 . 2004-05-13 00:39 876,653 --a--c--- c:\windows\system32\dllcache\fp4awel.dll
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\WindowsShell.Manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\nwc.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 488 -rah----- c:\windows\system32\logonui.exe.manifest
2008-11-15 23:29 . 2001-10-25 13:00 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2008-11-15 22:57 . 2008-04-14 09:52 144,484 --a--c--- c:\windows\system32\dllcache\netfx.cat
2008-11-15 22:57 . 2008-04-14 09:59 105,628 --a--c--- c:\windows\system32\dllcache\tabletpc.cat
2008-11-15 22:57 . 2008-04-14 09:52 34,747 --a--c--- c:\windows\system32\dllcache\mediactr.cat
2008-11-15 22:57 . 2001-10-25 13:00 24,661 --a------ c:\windows\system32\spxcoins.dll
2008-11-15 22:57 . 2001-10-25 13:00 24,661 --a--c--- c:\windows\system32\dllcache\spxcoins.dll
2008-11-15 22:57 . 2001-10-25 13:00 13,312 --a------ c:\windows\system32\irclass.dll
2008-11-15 22:57 . 2001-10-25 13:00 13,312 --a--c--- c:\windows\system32\dllcache\irclass.dll
2008-11-15 22:57 . 2008-04-14 09:52 10,027 --a--c--- c:\windows\system32\dllcache\MSTSWEB.CAT
2008-11-15 22:57 . 2001-10-25 13:00 8,599 --a--c--- c:\windows\system32\dllcache\IASNT4.CAT
2008-11-15 22:57 . 2001-10-25 13:00 7,382 --a--c--- c:\windows\system32\dllcache\OEMBIOS.CAT
2008-11-15 22:43 . 2008-11-15 22:43 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\FileSubmit
2008-11-15 22:43 . 2008-11-15 22:43 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\FileSubmit
2008-11-15 22:33 . 2008-11-15 22:34 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\FileSubmit
2008-11-15 22:33 . 2008-11-15 22:34 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\FileSubmit
2008-11-15 22:30 . 2008-11-15 22:30 <DIR> d-------- c:\windows\icons
2008-11-15 22:30 . 2008-11-15 22:30 <DIR> d-------- c:\program files\FileSubmit
2008-11-15 20:30 . 2008-11-15 22:20 <DIR> d-------- c:\program files\Logon Loader
2008-11-15 17:33 . 2008-11-15 17:34 <DIR> d-------- C:\aleš foto
2008-11-14 12:33 . 2008-11-07 14:25 675,217,408 --a------ C:\WinXP-SP3.iso
2008-11-12 18:04 . 2008-11-12 18:04 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-07 15:05 . 2008-11-07 15:05 <DIR> d-------- c:\program files\Empire Interactive
2008-11-07 15:00 . 2008-11-07 15:00 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-11-01 12:26 . 2008-11-01 12:26 <DIR> d--h----- C:\ConvertTemp
2008-10-30 15:04 . 2008-10-30 15:04 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Samsung
2008-10-30 15:04 . 2008-10-30 15:04 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Samsung
2008-10-29 20:04 . 2006-05-03 22:53 174,592 --a------ c:\windows\system32\framedyn.dll
2008-10-29 20:03 . 2008-10-30 15:00 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2008-10-29 20:02 . 2008-10-29 20:03 <DIR> d-------- c:\windows\system32\Samsung_USB_Drivers
2008-10-29 20:02 . 2008-10-30 14:32 <DIR> d-------- c:\program files\Samsung
2008-10-29 20:02 . 2005-08-30 17:59 94,000 --a------ c:\windows\system32\drivers\ss_mdm.sys
2008-10-29 20:02 . 2005-08-30 17:57 58,320 --a------ c:\windows\system32\drivers\ss_bus.sys
2008-10-29 20:02 . 2005-08-30 17:58 8,304 --a------ c:\windows\system32\drivers\ss_mdfl.sys
2008-10-29 20:02 . 2005-08-30 17:58 6,144 --a------ c:\windows\system32\drivers\ss_cmnt.sys
2008-10-29 20:02 . 2005-08-30 17:58 6,144 --a------ c:\windows\system32\drivers\ss_cm.sys
2008-10-29 20:02 . 2005-08-30 17:57 5,808 --a------ c:\windows\system32\drivers\ss_whnt.sys
2008-10-29 20:02 . 2005-08-30 17:57 5,808 --a------ c:\windows\system32\drivers\ss_wh.sys
2008-10-29 20:02 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2008-10-29 15:31 . 2008-10-29 15:31 <DIR> d-------- c:\program files\ConMet
2008-10-27 11:41 . 2008-10-27 11:41 <DIR> d-------- c:\program files\Common Files\StarCam
2008-10-27 11:41 . 2006-06-27 13:50 10,148,480 --a------ c:\windows\system32\drivers\snpstd3.sys
2008-10-27 11:41 . 2006-05-12 11:27 831,488 --a------ c:\windows\vsnpstd3.exe
2008-10-27 11:41 . 2006-06-19 11:43 262,144 --a------ c:\windows\tsnpstd3.exe
2008-10-27 11:41 . 2006-04-12 12:11 147,456 --a------ c:\windows\system32\rsnpstd3.dll
2008-10-27 11:41 . 2004-11-08 13:41 94,208 --a------ c:\windows\amcap.exe
2008-10-27 11:41 . 2005-11-23 13:55 53,248 --a------ c:\windows\system32\csnpstd3.dll
2008-10-27 11:41 . 2004-02-27 17:36 15,498 --a------ c:\windows\snpstd3.ini
2008-10-27 11:41 . 2004-02-27 17:36 13,023 --a------ c:\windows\snpstd3.src
2008-10-27 10:12 . 2008-10-27 10:12 4,444 --a------ c:\windows\system32\pid.PNF
2008-10-27 10:02 . 2008-04-14 09:59 1,246,067 -ra------ c:\windows\SET62.tmp
2008-10-27 10:02 . 2008-04-14 09:52 1,088,840 -ra------ c:\windows\SET65.tmp
2008-10-27 10:02 . 2008-04-14 09:52 16,825 -ra------ c:\windows\SET72.tmp
2008-10-27 09:16 . 2008-10-27 09:18 <DIR> dr------- C:\Program na vytvoření Obrazů Disku
2008-10-26 22:25 . 2008-10-26 22:25 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2008-10-26 22:23 . 2008-10-26 22:24 <DIR> d-------- c:\program files\GameSpy Arcade
2008-10-26 22:21 . 2008-10-26 22:21 <DIR> d-------- c:\program files\Firefly Studios
2008-10-24 19:19 . 2008-10-24 19:19 552 --a------ c:\windows\system32\d3d8caps.dat
2008-10-24 15:15 . 2008-10-24 16:17 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Aston
2008-10-24 15:15 . 2008-10-24 16:17 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Aston
2008-10-24 06:58 . 2008-10-24 08:21 <DIR> dr------- C:\Win XP Sp2
2008-10-22 20:43 . 2008-10-24 08:23 <DIR> d-------- c:\program files\nLite
2008-10-21 15:46 . 2008-10-21 15:46 <DIR> d-------- c:\program files\Sunbelt Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\skypePM
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\skypePM
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\Skype
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\Skype
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\ConMet
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\ConMet
2008-11-17 16:23 --------- d-----w c:\documents and settings\All Users\Data aplikací\ConMet
2008-11-17 15:01 31,822 ----a-w c:\windows\system32\drivers\fwdrv.err
2008-11-17 12:11 --------- d-----w c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-11-16 08:12 219,648 ----a-w c:\windows\system32\uxtheme.dll
2008-11-15 22:26 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-07 13:57 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-07 13:53 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-05 14:03 90,632 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-11-02 10:53 --------- d-----w c:\program files\Warcraft III
2008-10-30 13:32 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-30 11:18 98,440 ----a-w c:\windows\system32\drivers\avgldx86.sys
2008-10-27 10:36 --------- d-----w c:\program files\MSI
2008-10-25 16:08 --------- d-----w c:\documents and settings\All Users\Data aplikací\avg8
2008-10-24 14:28 0 ----a-w c:\program files\AstonWriteTest.txt
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 11:06 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-19 18:16 2,829 ----a-w c:\windows\War3Unin.pif
2008-10-19 18:16 139,264 ----a-w c:\windows\War3Unin.exe
2008-10-19 13:34 --------- d-----w c:\documents and settings\Petr\Data aplikací\Canon
2008-10-19 13:34 --------- d-----w c:\documents and settings\Petr\Data aplikací\Canon
2008-10-10 17:28 --------- d-----w c:\documents and settings\Petr\Data aplikací\Uniblue
2008-10-10 17:28 --------- d-----w c:\documents and settings\Petr\Data aplikací\Uniblue
2008-10-10 17:28 --------- d-----w c:\documents and settings\All Users\Data aplikací\DriverScanner
2008-10-08 20:21 --------- d-----w c:\documents and settings\All Users\Data aplikací\nView_Profiles
2008-10-07 19:11 --------- d-----w c:\program files\Common Files\Adobe
2008-10-06 14:56 --------- d-----w c:\program files\Counter-Strike Source
2008-10-05 08:18 --------- d-----w c:\program files\CCleaner
2008-10-05 08:03 --------- d-----w c:\program files\Yahoo!
2008-10-04 16:11 --------- d-----w c:\program files\Anti Trojan Elite
2008-10-04 15:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-04 15:59 --------- d-----w c:\documents and settings\Petr\Data aplikací\SUPERAntiSpyware.com
2008-10-04 15:59 --------- d-----w c:\documents and settings\Petr\Data aplikací\SUPERAntiSpyware.com
2008-10-04 12:24 --------- d-----w c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-29 17:41 --------- d-----w c:\documents and settings\All Users\Data aplikací\NVIDIA
2008-09-22 14:18 --------- d-----w c:\program files\Windows Live
2008-09-21 14:34 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-09-21 14:34 22,328 ----a-w c:\documents and settings\Petr\Data aplikací\PnkBstrK.sys
2008-09-21 14:34 22,328 ----a-w c:\documents and settings\Petr\Data aplikací\PnkBstrK.sys
2008-09-21 14:33 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-09-21 14:33 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2008-09-21 14:20 --------- d-----w c:\program files\Activision
2008-09-19 20:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\WLInstaller
2008-09-15 15:27 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-11 16:56 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2008-09-10 01:16 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 08:27 826,368 ----a-w c:\windows\system32\wininet.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-13 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-10-23 1235736]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-06-19 262144]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-05-12 831488]
"ConMet"="c:\program files\ConMet\ConMet.exe" [2008-10-29 3423232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-17 136600]
"SDFix"="c:\sdfix\RunThis.bat" [2008-11-06 964661]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 c:\windows\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"nltide_2"="shell32" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2008-09-11 221247]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-07-29 12936]
R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys []
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-07-29 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-07-29 90632]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-08-16 269736]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-23 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-11 231704]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-04-13 69120]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2008-08-16 65576]
S2 SPF4;Sunbelt Personal Firewall 4;"c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 1234480]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);c:\windows\system32\DRIVERS\ss_bus.sys [2008-10-29 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;c:\windows\system32\DRIVERS\ss_mdfl.sys [2008-10-29 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;c:\windows\system32\DRIVERS\ss_mdm.sys [2008-10-29 94000]
S3 TVICHW32;TVICHW32;\??\c:\windows\system32\DRIVERS\TVICHW32.SYS [2008-08-21 23600]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.atlas.cz/?from=icqhp
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
TCP: {DA296C35-9602-496E-B75A-7D30844FCA9C} = 192.168.1.1

c:\windows\Downloaded Program Files\sysreqlab3.dll - O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E}
hxxp://www.nvidia.com/content/DriverDow ... eqlab3.cab
c:\windows\Downloaded Program Files\SysReqLab3.osd

O16 -: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/L ... nstall.cab
c:\windows\Downloaded Program Files\MSIWDev.inf
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-17 17:34:14
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2008-11-17 17:36:40
ComboFix-quarantined-files.txt 2008-11-17 16:36:34

Před spuštěním: Volných bajtů: 97 848 266 752
Po spuštění: Volných bajtů: 97,876,611,072

263 --- E O F --- 2008-11-12 17:07:40

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.
Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

ComboFix 08-11-16.05 - Petr 2008-11-17 18:25:38.6 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1558 [GMT 1:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Petr\Plocha\CFScript.txt
* Vytvořen nový Bod Obnovení

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\SDFix
c:\sdfix\Add_DBFix_RunOnce_key.inf
c:\sdfix\AdminCheck2.txt
c:\sdfix\apps\assosfix.reg
c:\sdfix\apps\Cghtme.exe
c:\sdfix\apps\cliptext.exe
c:\sdfix\apps\CSweg.exe
c:\sdfix\apps\DBFix.inf
c:\sdfix\apps\download.exe
c:\sdfix\apps\dummy.sys
c:\sdfix\apps\Enable_Command_Prompt.inf
c:\sdfix\apps\Enable_Command_Prompt.reg
c:\sdfix\apps\ERDNT.E_E
c:\sdfix\apps\ERDNTDOS.LOC
c:\sdfix\apps\ERDNTWIN.LOC
c:\sdfix\apps\ERUNT.EXE
c:\sdfix\apps\ERUNT.LOC
c:\sdfix\apps\fix.reg
c:\sdfix\apps\FixBeep.reg
c:\sdfix\apps\FixBH.reg
c:\sdfix\apps\FixComponents.reg
c:\sdfix\apps\FIXCU.reg
c:\sdfix\apps\FIXLM.reg
c:\sdfix\apps\FixPath.exe
c:\sdfix\apps\FixRedir.reg
c:\sdfix\apps\FixSchedule.reg
c:\sdfix\apps\FixWebCheck.reg
c:\sdfix\apps\fixXP.reg
c:\sdfix\apps\FixXPsp2.reg
c:\sdfix\apps\grep.exe
c:\sdfix\apps\HaxdFix.reg
c:\sdfix\apps\HPFix.reg
c:\sdfix\apps\HPFix2.reg
c:\sdfix\apps\HPFix3.reg
c:\sdfix\apps\HPFix4.reg
c:\sdfix\apps\HPFix5.reg
c:\sdfix\apps\HPFix6.reg
c:\sdfix\apps\HPFix7.reg
c:\sdfix\apps\HPFix8.reg
c:\sdfix\apps\HPFix9.reg
c:\sdfix\apps\Installed.txt
c:\sdfix\apps\isadmin.exe
c:\sdfix\apps\leg2.txt
c:\sdfix\apps\legacy.txt
c:\sdfix\apps\legacybk.txt
c:\sdfix\apps\locate.com
c:\sdfix\apps\LS.exe
c:\sdfix\apps\MD5File.exe
c:\sdfix\apps\moveex.exe
c:\sdfix\apps\MyGcpvFix.reg
c:\sdfix\apps\MyGkFix2.reg
c:\sdfix\apps\Process.exe
c:\sdfix\apps\procs.exe
c:\sdfix\apps\psservice.exe
c:\sdfix\apps\Rem.txt
c:\sdfix\apps\Rem2.txt
c:\sdfix\apps\Replace\regedit.exe
c:\sdfix\apps\Replace\w2k\AUTOEXEC.NT
c:\sdfix\apps\Replace\w2k\beep.sys
c:\sdfix\apps\Replace\w2k\command.com
c:\sdfix\apps\Replace\w2k\command.PIF
c:\sdfix\apps\Replace\w2k\CONFIG.NT
c:\sdfix\apps\Replace\w2k\null.sys
c:\sdfix\apps\Replace\xp\AUTOEXEC.NT
c:\sdfix\apps\Replace\xp\beep.sys
c:\sdfix\apps\Replace\xp\command.com
c:\sdfix\apps\Replace\xp\command.PIF
c:\sdfix\apps\Replace\xp\CONFIG.NT
c:\sdfix\apps\Replace\xp\null.sys
c:\sdfix\apps\Reset_AppInit_DLLs.reg
c:\sdfix\apps\RestartIt!.exe
c:\sdfix\apps\Restore_SafeBoot_Windows2000.reg
c:\sdfix\apps\Restore_SafeBoot_WindowsXP.reg
c:\sdfix\apps\Restore_SafeBoot_WindowsXP_SP2.reg
c:\sdfix\apps\Restore_SafeBoot_WindowsXP_SP3.reg
c:\sdfix\apps\Restore_SecurityCenter.reg
c:\sdfix\apps\Restore_SharedAccess.reg
c:\sdfix\apps\sc.exe
c:\sdfix\apps\sed.exe
c:\sdfix\apps\SF.exe
c:\sdfix\apps\shutdown.exe
c:\sdfix\apps\srv2.txt
c:\sdfix\apps\srv2bk.txt
c:\sdfix\apps\svc.txt
c:\sdfix\apps\svcbk.txt
c:\sdfix\apps\Swreg.exe
c:\sdfix\apps\swsc.exe
c:\sdfix\apps\UnRAR.exe
c:\sdfix\apps\unzip.exe
c:\sdfix\apps\vfind.exe
c:\sdfix\apps\WINMSG.EXE
c:\sdfix\apps\winsec.reg
c:\sdfix\apps\zip.exe
c:\sdfix\attrib.exe
c:\sdfix\backupreg\AppInit_DLLs.reg
c:\sdfix\backupreg\bat_shell_open.reg
c:\sdfix\backupreg\BHO.reg
c:\sdfix\backupreg\com_shell_open.reg
c:\sdfix\backupreg\ControlPanel_Load.reg
c:\sdfix\backupreg\Drivers32.reg
c:\sdfix\backupreg\exe_shell_open.reg
c:\sdfix\backupreg\HKCU_SOFTWARE_Policy.reg
c:\sdfix\backupreg\HKCU_WINDOWS_Policy.reg
c:\sdfix\backupreg\HKCURun.reg
c:\sdfix\backupreg\HKCURunServices.reg
c:\sdfix\backupreg\HKLM_SOFTWARE_Policy.reg
c:\sdfix\backupreg\HKLM_WINDOWS_Policy.reg
c:\sdfix\backupreg\HKLMRun.reg
c:\sdfix\backupreg\HKLMRunServices.reg
c:\sdfix\backupreg\IEDesktop.reg
c:\sdfix\backupreg\IEMain.reg
c:\sdfix\backupreg\Installed_Components.reg
c:\sdfix\backupreg\pif_shell_open.reg
c:\sdfix\backupreg\reg_shell_open.reg
c:\sdfix\backupreg\SecurityProviders.reg
c:\sdfix\backupreg\SharedTaskScheduler.reg
c:\sdfix\backupreg\ShellServiceObjectDelayLoad.reg
c:\sdfix\backupreg\SubSystems.reg
c:\sdfix\backupreg\txt_shell_open.reg
c:\sdfix\backupreg\Winlogon.reg
c:\sdfix\backupreg\WinlogonNotify.reg
c:\sdfix\beepFA0.TXT
c:\sdfix\beepFA1.TXT
c:\sdfix\beepFA2.TXT
c:\sdfix\beepFA3.TXT
c:\sdfix\beepFA4.TXT
c:\sdfix\beepxcodec0.TXT
c:\sdfix\beepxcodec1.TXT
c:\sdfix\beepxcodec2.TXT
c:\sdfix\beepxcodec3.TXT
c:\sdfix\beepxcodec4.TXT
c:\sdfix\bpTEST1.TXT
c:\sdfix\bpTEST3.TXT
c:\sdfix\catchme.exe
c:\sdfix\DBFix.bat
c:\sdfix\delavi0.txt
c:\sdfix\delzip0.txt
c:\sdfix\dest.txt
c:\sdfix\dnif.exe
c:\sdfix\dummy.exe
c:\sdfix\dummy.sys
c:\sdfix\editreg.exe
c:\sdfix\FilekillList1.txt
c:\sdfix\FileList1.txt
c:\sdfix\FileList2.txt
c:\sdfix\Find.txt
c:\sdfix\Findav2009.txt
c:\sdfix\Findav2009a.txt
c:\sdfix\Findbhos1.txt
c:\sdfix\FindIRCBrute.txt
c:\sdfix\Findroguerun1.txt
c:\sdfix\Findrun002.txt
c:\sdfix\Findrun002a.txt
c:\sdfix\Findrun30.txt
c:\sdfix\Findrun31.txt
c:\sdfix\Findrun31a.txt
c:\sdfix\Findrun31b.txt
c:\sdfix\Findrun32.txt
c:\sdfix\Findrunbifrose1.txt
c:\sdfix\Findrunbot1.txt
c:\sdfix\FindrunDW_Start.txt
c:\sdfix\Findzip.txt
c:\sdfix\HOSTS
c:\sdfix\Patched2a.txt
c:\sdfix\Patched2b.txt
c:\sdfix\Patched2c.txt
c:\sdfix\RemLat.txt
c:\sdfix\Remlat1.txt
c:\sdfix\Remlat2.txt
c:\sdfix\Remlat3.txt
c:\sdfix\Remlat4.txt
c:\sdfix\Remlat6a.txt
c:\sdfix\Remlat6b.txt
c:\sdfix\Remlat6c.txt
c:\sdfix\Remlat6d.txt
c:\sdfix\Report.txt
c:\sdfix\rtsdnif.exe
c:\sdfix\RunThis.bat
c:\sdfix\SDFIX_ReadMe_Online.url
c:\sdfix\TESTClbtds3A.txt
c:\sdfix\TESTSecProar.txt
c:\sdfix\TESTspreadbot1.TXT
c:\sdfix\TESTspreadbot2.TXT
c:\sdfix\TESTspreadbot3.TXT
c:\sdfix\TESTstartupusr.TXT
c:\sdfix\TESTtdsss1.TXT
c:\sdfix\TESTtdsss1a.TXT
c:\sdfix\TESTtdsss1b.TXT
c:\sdfix\TESTtdsss2.TXT
c:\sdfix\TESTtdsss2a.TXT
c:\sdfix\TESTtdsss2b.TXT
c:\sdfix\TESTtdsss2c.TXT
c:\sdfix\TESTtdsss2d.TXT
c:\sdfix\TESTtdsss2e.TXT
c:\sdfix\TESTtdsss2f.TXT
c:\sdfix\TESTtdsss2g.TXT
c:\sdfix\TESTtdsss2h.TXT
c:\sdfix\userinfix.reg
c:\sdfix\W2K_VirusAlert_Repair.inf
c:\sdfix\XP_VirusAlert_Repair.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-10-17 do 2008-11-17 )))))))))))))))))))))))))))))))
.

2008-11-17 17:46 . 2008-11-17 17:46 1,320 --a------ c:\windows\system32\spupdsvc.inf
2008-11-17 17:45 . 2008-11-17 17:45 <DIR> d-------- c:\windows\LastGood
2008-11-17 15:51 . 2008-11-17 15:51 <DIR> d-------- c:\windows\ERUNT
2008-11-17 13:04 . 2008-11-17 13:04 <DIR> d-------- c:\program files\Java
2008-11-17 13:04 . 2008-11-17 13:04 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-17 13:04 . 2008-11-17 13:04 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-17 00:21 . 2008-11-17 00:21 <DIR> d-------- c:\program files\ICQToolbar
2008-11-17 00:19 . 2008-11-17 00:22 <DIR> d-------- c:\program files\ICQ6
2008-11-16 18:37 . 2008-08-14 14:26 2,191,360 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-16 18:37 . 2008-08-14 14:26 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-16 18:37 . 2008-08-14 14:26 2,068,224 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-16 18:37 . 2008-08-14 14:26 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-16 18:37 . 2007-03-08 06:09 1,024,000 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2008-11-16 18:37 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-16 18:35 . 2008-06-14 18:35 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-16 18:33 . 2008-07-18 22:10 45,768 --a------ c:\windows\system32\wups2.dll
2008-11-16 09:12 . 2008-04-14 07:52 219,648 --a------ c:\windows\system32\uxtheme.uxtender
2008-11-15 23:35 . 2001-10-25 13:00 1,875,968 --a--c--- c:\windows\system32\dllcache\msir3jp.lex
2008-11-15 23:34 . 2008-04-14 07:46 13,463,552 --a--c--- c:\windows\system32\dllcache\hwxjpn.dll
2008-11-15 23:33 . 2004-05-13 00:39 876,653 --a--c--- c:\windows\system32\dllcache\fp4awel.dll
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\WindowsShell.Manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\wuaucpl.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\sapi.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\nwc.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 749 -rah----- c:\windows\system32\ncpa.cpl.manifest
2008-11-15 23:30 . 2008-11-15 23:30 488 -rah----- c:\windows\system32\logonui.exe.manifest
2008-11-15 23:29 . 2001-10-25 13:00 16,384 --a--c--- c:\windows\system32\dllcache\isignup.exe
2008-11-15 22:57 . 2008-04-14 09:52 144,484 --a--c--- c:\windows\system32\dllcache\netfx.cat
2008-11-15 22:57 . 2008-04-14 09:59 105,628 --a--c--- c:\windows\system32\dllcache\tabletpc.cat
2008-11-15 22:57 . 2008-04-14 09:52 34,747 --a--c--- c:\windows\system32\dllcache\mediactr.cat
2008-11-15 22:57 . 2001-10-25 13:00 24,661 --a------ c:\windows\system32\spxcoins.dll
2008-11-15 22:57 . 2001-10-25 13:00 24,661 --a--c--- c:\windows\system32\dllcache\spxcoins.dll
2008-11-15 22:57 . 2001-10-25 13:00 13,312 --a------ c:\windows\system32\irclass.dll
2008-11-15 22:57 . 2001-10-25 13:00 13,312 --a--c--- c:\windows\system32\dllcache\irclass.dll
2008-11-15 22:57 . 2008-04-14 09:52 10,027 --a--c--- c:\windows\system32\dllcache\MSTSWEB.CAT
2008-11-15 22:57 . 2001-10-25 13:00 8,599 --a--c--- c:\windows\system32\dllcache\IASNT4.CAT
2008-11-15 22:57 . 2001-10-25 13:00 7,382 --a--c--- c:\windows\system32\dllcache\OEMBIOS.CAT
2008-11-15 22:43 . 2008-11-15 22:43 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\FileSubmit
2008-11-15 22:43 . 2008-11-15 22:43 <DIR> d-------- c:\windows\system32\config\systemprofile\Data aplikací\FileSubmit
2008-11-15 22:33 . 2008-11-15 22:34 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\FileSubmit
2008-11-15 22:33 . 2008-11-15 22:34 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\FileSubmit
2008-11-15 22:30 . 2008-11-15 22:30 <DIR> d-------- c:\windows\icons
2008-11-15 22:30 . 2008-11-15 22:30 <DIR> d-------- c:\program files\FileSubmit
2008-11-15 20:30 . 2008-11-15 22:20 <DIR> d-------- c:\program files\Logon Loader
2008-11-15 17:33 . 2008-11-15 17:34 <DIR> d-------- C:\aleš foto
2008-11-14 12:33 . 2008-11-07 14:25 675,217,408 --a------ C:\WinXP-SP3.iso
2008-11-12 18:04 . 2008-11-12 18:04 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-07 15:05 . 2008-11-07 15:05 <DIR> d-------- c:\program files\Empire Interactive
2008-11-07 15:00 . 2008-11-07 15:00 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-11-01 12:26 . 2008-11-01 12:26 <DIR> d--h----- C:\ConvertTemp
2008-10-30 15:04 . 2008-10-30 15:04 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Samsung
2008-10-30 15:04 . 2008-10-30 15:04 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Samsung
2008-10-29 20:04 . 2006-05-03 22:53 174,592 --a------ c:\windows\system32\framedyn.dll
2008-10-29 20:03 . 2008-10-30 15:00 5,632 --a------ c:\windows\system32\drivers\StarOpen.sys
2008-10-29 20:02 . 2008-10-29 20:03 <DIR> d-------- c:\windows\system32\Samsung_USB_Drivers
2008-10-29 20:02 . 2008-10-30 14:32 <DIR> d-------- c:\program files\Samsung
2008-10-29 20:02 . 2005-08-30 17:59 94,000 --a------ c:\windows\system32\drivers\ss_mdm.sys
2008-10-29 20:02 . 2005-08-30 17:57 58,320 --a------ c:\windows\system32\drivers\ss_bus.sys
2008-10-29 20:02 . 2005-08-30 17:58 8,304 --a------ c:\windows\system32\drivers\ss_mdfl.sys
2008-10-29 20:02 . 2005-08-30 17:58 6,144 --a------ c:\windows\system32\drivers\ss_cmnt.sys
2008-10-29 20:02 . 2005-08-30 17:58 6,144 --a------ c:\windows\system32\drivers\ss_cm.sys
2008-10-29 20:02 . 2005-08-30 17:57 5,808 --a------ c:\windows\system32\drivers\ss_whnt.sys
2008-10-29 20:02 . 2005-08-30 17:57 5,808 --a------ c:\windows\system32\drivers\ss_wh.sys
2008-10-29 20:02 . 2005-08-28 20:51 766 --a------ c:\windows\system32\Uninstall.ico
2008-10-29 15:31 . 2008-10-29 15:31 <DIR> d-------- c:\program files\ConMet
2008-10-27 11:41 . 2008-10-27 11:41 <DIR> d-------- c:\program files\Common Files\StarCam
2008-10-27 11:41 . 2006-06-27 13:50 10,148,480 --a------ c:\windows\system32\drivers\snpstd3.sys
2008-10-27 11:41 . 2006-05-12 11:27 831,488 --a------ c:\windows\vsnpstd3.exe
2008-10-27 11:41 . 2006-06-19 11:43 262,144 --a------ c:\windows\tsnpstd3.exe
2008-10-27 11:41 . 2006-04-12 12:11 147,456 --a------ c:\windows\system32\rsnpstd3.dll
2008-10-27 11:41 . 2004-11-08 13:41 94,208 --a------ c:\windows\amcap.exe
2008-10-27 11:41 . 2005-11-23 13:55 53,248 --a------ c:\windows\system32\csnpstd3.dll
2008-10-27 11:41 . 2004-02-27 17:36 15,498 --a------ c:\windows\snpstd3.ini
2008-10-27 11:41 . 2004-02-27 17:36 13,023 --a------ c:\windows\snpstd3.src
2008-10-27 10:12 . 2008-10-27 10:12 4,444 --a------ c:\windows\system32\pid.PNF
2008-10-27 10:02 . 2008-04-14 09:59 1,246,067 -ra------ c:\windows\SET62.tmp
2008-10-27 10:02 . 2008-04-14 09:52 1,088,840 -ra------ c:\windows\SET65.tmp
2008-10-27 10:02 . 2008-04-14 09:52 16,825 -ra------ c:\windows\SET72.tmp
2008-10-27 09:16 . 2008-10-27 09:18 <DIR> dr------- C:\Program na vytvoření Obrazů Disku
2008-10-26 22:25 . 2008-10-26 22:25 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2008-10-26 22:23 . 2008-10-26 22:24 <DIR> d-------- c:\program files\GameSpy Arcade
2008-10-26 22:21 . 2008-10-26 22:21 <DIR> d-------- c:\program files\Firefly Studios
2008-10-24 19:19 . 2008-10-24 19:19 552 --a------ c:\windows\system32\d3d8caps.dat
2008-10-24 15:15 . 2008-10-24 16:17 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Aston
2008-10-24 15:15 . 2008-10-24 16:17 <DIR> d-------- c:\documents and settings\Petr\Data aplikací\Aston
2008-10-24 06:58 . 2008-10-24 08:21 <DIR> dr------- C:\Win XP Sp2
2008-10-22 20:43 . 2008-10-24 08:23 <DIR> d-------- c:\program files\nLite
2008-10-21 15:46 . 2008-10-21 15:46 <DIR> d-------- c:\program files\Sunbelt Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-17 17:22 --------- d-----w c:\documents and settings\Petr\Data aplikací\Skype
2008-11-17 17:22 --------- d-----w c:\documents and settings\Petr\Data aplikací\Skype
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\skypePM
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\skypePM
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\ConMet
2008-11-17 16:23 --------- d-----w c:\documents and settings\Petr\Data aplikací\ConMet
2008-11-17 16:23 --------- d-----w c:\documents and settings\All Users\Data aplikací\ConMet
2008-11-17 15:01 31,822 ----a-w c:\windows\system32\drivers\fwdrv.err
2008-11-17 12:11 --------- d-----w c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2008-11-16 08:12 219,648 ----a-w c:\windows\system32\uxtheme.dll
2008-11-15 22:26 --------- d-----w c:\program files\Windows Media Connect 2
2008-11-07 13:57 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-07 13:53 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-05 14:03 90,632 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-11-02 10:53 --------- d-----w c:\program files\Warcraft III
2008-10-30 13:32 --------- d--h--w c:\program files\InstallShield Installation Information
2008-10-30 11:18 98,440 ----a-w c:\windows\system32\drivers\avgldx86.sys
2008-10-27 10:36 --------- d-----w c:\program files\MSI
2008-10-25 16:08 --------- d-----w c:\documents and settings\All Users\Data aplikací\avg8
2008-10-24 14:28 0 ----a-w c:\program files\AstonWriteTest.txt
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-23 11:06 --------- d-----w c:\program files\Microsoft Silverlight
2008-10-19 18:16 2,829 ----a-w c:\windows\War3Unin.pif
2008-10-19 18:16 139,264 ----a-w c:\windows\War3Unin.exe
2008-10-19 13:34 --------- d-----w c:\documents and settings\Petr\Data aplikací\Canon
2008-10-19 13:34 --------- d-----w c:\documents and settings\Petr\Data aplikací\Canon
2008-10-10 17:28 --------- d-----w c:\documents and settings\Petr\Data aplikací\Uniblue
2008-10-10 17:28 --------- d-----w c:\documents and settings\Petr\Data aplikací\Uniblue
2008-10-10 17:28 --------- d-----w c:\documents and settings\All Users\Data aplikací\DriverScanner
2008-10-08 20:21 --------- d-----w c:\documents and settings\All Users\Data aplikací\nView_Profiles
2008-10-07 19:11 --------- d-----w c:\program files\Common Files\Adobe
2008-10-06 14:56 --------- d-----w c:\program files\Counter-Strike Source
2008-10-05 08:18 --------- d-----w c:\program files\CCleaner
2008-10-05 08:03 --------- d-----w c:\program files\Yahoo!
2008-10-04 16:11 --------- d-----w c:\program files\Anti Trojan Elite
2008-10-04 15:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-10-04 15:59 --------- d-----w c:\documents and settings\Petr\Data aplikací\SUPERAntiSpyware.com
2008-10-04 15:59 --------- d-----w c:\documents and settings\Petr\Data aplikací\SUPERAntiSpyware.com
2008-10-04 12:24 --------- d-----w c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-29 17:41 --------- d-----w c:\documents and settings\All Users\Data aplikací\NVIDIA
2008-09-22 14:18 --------- d-----w c:\program files\Windows Live
2008-09-21 14:34 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-09-21 14:34 22,328 ----a-w c:\documents and settings\Petr\Data aplikací\PnkBstrK.sys
2008-09-21 14:34 22,328 ----a-w c:\documents and settings\Petr\Data aplikací\PnkBstrK.sys
2008-09-21 14:33 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-09-21 14:33 103,736 ----a-w c:\windows\system32\PnkBstrB.exe
2008-09-21 14:20 --------- d-----w c:\program files\Activision
2008-09-19 20:50 --------- d-----w c:\documents and settings\All Users\Data aplikací\WLInstaller
2008-09-15 15:27 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-11 16:56 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2008-09-10 01:16 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:17 1,106,944 ----a-w c:\windows\system32\msxml3.dll
2008-08-26 08:27 826,368 ----a-w c:\windows\system32\wininet.dll
.

((((((((((((((((((((((((((((( snapshot@2008-11-17_17.35.04,19 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-01-28 14:15:24 192,512 ----a-w c:\windows\inf\unregmp2.exe
+ 2007-01-05 19:55:34 316,416 ----a-w c:\windows\inf\unregmp2.exe
- 2005-01-28 14:15:34 8,192 ----a-w c:\windows\system32\asferror.dll
+ 2007-01-05 19:50:32 6,656 ----a-w c:\windows\system32\asferror.dll
- 2005-01-28 14:15:24 484,864 ----a-w c:\windows\system32\Audiodev.dll
+ 2006-10-18 20:47:08 276,992 ----a-w c:\windows\system32\audiodev.dll
- 2005-01-28 06:53:28 294,912 ----a-w c:\windows\system32\blackbox.dll
+ 2006-10-18 20:47:10 542,720 ----a-w c:\windows\system32\blackbox.dll
- 2005-01-28 06:53:20 164,864 ----a-w c:\windows\system32\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 ----a-w c:\windows\system32\cewmdm.dll
- 2005-01-28 14:15:34 8,192 -c--a-w c:\windows\system32\dllcache\asferror.dll
+ 2007-01-05 19:50:32 6,656 -c--a-w c:\windows\system32\dllcache\asferror.dll
- 2005-01-28 06:53:28 294,912 -c--a-w c:\windows\system32\dllcache\blackbox.dll
+ 2006-10-18 20:47:10 542,720 -c--a-w c:\windows\system32\dllcache\blackbox.dll
- 2005-01-28 06:53:20 164,864 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
+ 2006-10-18 20:47:10 229,376 -c--a-w c:\windows\system32\dllcache\cewmdm.dll
- 2005-01-28 06:53:38 502,272 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 -c--a-w c:\windows\system32\dllcache\drmv2clt.dll
- 2005-01-28 06:53:16 6,656 -c--a-w c:\windows\system32\dllcache\laprxy.dll
+ 2006-10-18 20:47:14 11,264 -c--a-w c:\windows\system32\dllcache\LAPRXY.dll
- 2005-01-27 23:21:46 96,768 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2006-10-18 19:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2005-01-28 14:15:24 352,256 -c--a-w c:\windows\system32\dllcache\mpvis.dll
+ 2007-01-05 19:51:10 244,224 -c--a-w c:\windows\system32\dllcache\mpvis.dll
- 2005-01-28 06:53:22 142,336 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 -c--a-w c:\windows\system32\dllcache\msnetobj.dll
- 2005-01-28 06:53:20 25,088 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
+ 2006-10-18 20:47:16 27,136 -c--a-w c:\windows\system32\dllcache\mspmsnsv.dll
- 2005-01-28 06:53:20 173,568 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
+ 2006-10-18 20:47:16 175,616 -c--a-w c:\windows\system32\dllcache\mspmsp.dll
- 2005-01-28 11:32:44 364,784 -c--a-w c:\windows\system32\dllcache\msscp.dll
+ 2006-10-18 20:47:16 414,208 -c--a-w c:\windows\system32\dllcache\msscp.dll
- 2005-01-28 14:15:24 315,904 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
+ 2006-10-18 20:47:16 321,536 -c--a-w c:\windows\system32\dllcache\mswmdm.dll
- 2005-01-28 06:53:22 221,184 -c--a-w c:\windows\system32\dllcache\qasf.dll
+ 2006-10-18 20:47:18 211,456 -c--a-w c:\windows\system32\dllcache\qasf.dll
- 2005-01-28 14:15:24 823,296 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
+ 2007-01-05 20:22:32 1,674,752 -c--a-w c:\windows\system32\dllcache\setup_wm.exe
- 2005-01-28 14:15:24 192,512 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
+ 2007-01-05 19:55:34 316,416 -c--a-w c:\windows\system32\dllcache\unregmp2.exe
- 2005-01-28 11:32:44 396,528 -c--a-w c:\windows\system32\dllcache\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 -c--a-w c:\windows\system32\dllcache\WMADMOD.dll
- 2005-01-28 06:53:18 716,288 -c--a-w c:\windows\system32\dllcache\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 -c--a-w c:\windows\system32\dllcache\WMADMOE.dll
- 2007-10-20 05:01:32 227,328 -c--a-w c:\windows\system32\dllcache\wmasf.dll
+ 2006-10-18 20:47:18 222,208 -c--a-w c:\windows\system32\dllcache\WMASF.dll
- 2005-01-28 06:53:20 28,160 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
+ 2006-10-18 20:47:18 33,792 -c--a-w c:\windows\system32\dllcache\wmdmlog.dll
- 2005-01-28 06:53:20 33,792 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
+ 2006-10-18 20:47:18 37,376 -c--a-w c:\windows\system32\dllcache\wmdmps.dll
- 2005-01-28 14:15:34 197,120 -c--a-w c:\windows\system32\dllcache\wmerror.dll
+ 2007-01-05 19:55:54 238,592 -c--a-w c:\windows\system32\dllcache\wmerror.dll
- 2005-01-28 06:53:16 150,016 -c--a-w c:\windows\system32\dllcache\wmidx.dll
+ 2006-10-18 20:47:20 157,184 -c--a-w c:\windows\system32\dllcache\wmidx.dll
- 2005-01-28 06:53:16 1,027,072 -c--a-w c:\windows\system32\dllcache\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
- 2007-04-30 07:20:24 5,537,792 -c--a-w c:\windows\system32\dllcache\wmp.dll
+ 2006-10-18 20:47:20 10,834,432 -c--a-w c:\windows\system32\dllcache\wmp.dll
- 2005-01-28 06:53:20 135,168 -c--a-w c:\windows\system32\dllcache\wmpasf.dll
+ 2006-10-18 20:47:20 242,688 -c--a-w c:\windows\system32\dllcache\wmpasf.dll
- 2005-01-28 14:15:24 77,824 -c--a-w c:\windows\system32\dllcache\wmpband.dll
+ 2007-01-05 19:56:12 96,256 -c--a-w c:\windows\system32\dllcache\wmpband.dll
- 2005-01-28 06:53:20 282,624 -c--a-w c:\windows\system32\dllcache\wmpdxm.dll
+ 2006-10-18 20:47:20 314,880 -c--a-w c:\windows\system32\dllcache\wmpdxm.dll
- 2005-01-28 14:15:24 73,728 -c--a-w c:\windows\system32\dllcache\wmplayer.exe
+ 2007-01-05 19:56:50 64,000 -c--a-w c:\windows\system32\dllcache\wmplayer.exe
- 2005-01-28 14:15:26 3,391,488 -c--a-w c:\windows\system32\dllcache\wmploc.dll
+ 2007-01-05 20:33:02 8,257,536 -c--a-w c:\windows\system32\dllcache\wmploc.dll
- 2005-01-28 14:15:28 86,016 -c--a-w c:\windows\system32\dllcache\wmpshell.dll
+ 2007-01-05 19:57:10 99,840 -c--a-w c:\windows\system32\dllcache\wmpshell.dll
- 2005-01-28 11:32:56 774,904 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmod.dll
- 2005-01-28 06:53:18 1,119,744 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmsdmoe2.dll
- 2005-01-28 11:32:44 413,944 -c--a-w c:\windows\system32\dllcache\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 -c--a-w c:\windows\system32\dllcache\WMSPDMOD.dll
- 2005-01-28 06:53:18 940,544 -c--a-w c:\windows\system32\dllcache\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 -c--a-w c:\windows\system32\dllcache\WMSPDMOE.dll
- 2006-12-07 05:29:34 2,374,472 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
- 2005-01-28 11:32:58 895,736 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmod.dll
- 2005-01-28 06:53:18 1,003,008 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 -c--a-w c:\windows\system32\dllcache\wmvdmoe2.dll
- 2005-01-27 23:36:24 18,944 ----a-w c:\windows\system32\drivers\wpdusb.sys
+ 2006-10-18 19:00:00 38,528 ----a-w c:\windows\system32\drivers\wpdusb.sys
- 2005-01-28 06:53:38 502,272 ----a-w c:\windows\system32\drmv2clt.dll
+ 2006-10-18 20:47:10 991,744 ----a-w c:\windows\system32\drmv2clt.dll
- 2005-01-28 06:53:16 6,656 ----a-w c:\windows\system32\laprxy.dll
+ 2006-10-18 20:47:14 11,264 ----a-w c:\windows\system32\LAPRXY.dll
- 2005-01-27 23:21:46 96,768 ----a-w c:\windows\system32\logagent.exe
+ 2006-10-18 19:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
- 2005-01-28 06:53:22 142,336 ----a-w c:\windows\system32\msnetobj.dll
+ 2006-10-18 20:47:16 179,712 ----a-w c:\windows\system32\msnetobj.dll
- 2005-01-28 06:53:20 25,088 ----a-w c:\windows\system32\MsPMSNSv.dll
+ 2006-10-18 20:47:16 27,136 ----a-w c:\windows\system32\mspmsnsv.dll
- 2005-01-28 06:53:20 173,568 ----a-w c:\windows\system32\MsPMSP.dll
+ 2006-10-18 20:47:16 175,616 ----a-w c:\windows\system32\mspmsp.dll
- 2005-01-28 11:32:44 364,784 ----a-w c:\windows\system32\MSSCP.dll
+ 2006-10-18 20:47:16 414,208 ----a-w c:\windows\system32\msscp.dll
- 2005-01-28 14:15:24 315,904 ----a-w c:\windows\system32\MSWMDM.dll
+ 2006-10-18 20:47:16 321,536 ----a-w c:\windows\system32\mswmdm.dll
- 2005-01-28 06:53:22 221,184 ----a-w c:\windows\system32\qasf.dll
+ 2006-10-18 20:47:18 211,456 ----a-w c:\windows\system32\qasf.dll
- 2008-07-08 12:59:42 18,296 ------w c:\windows\system32\spmsg.dll
+ 2006-09-25 16:58:48 14,640 ------w c:\windows\system32\spmsg.dll
- 2005-01-27 23:36:04 47,104 ----a-w c:\windows\system32\uwdf.exe
+ 2006-10-18 20:58:00 8,704 ----a-w c:\windows\system32\uwdf.exe
- 2005-01-27 23:35:58 15,872 ----a-w c:\windows\system32\wdfapi.dll
+ 2006-10-18 20:47:18 4,096 ----a-w c:\windows\system32\wdfapi.dll
- 2005-01-27 23:36:00 38,912 ----a-w c:\windows\system32\wdfmgr.exe
+ 2006-10-18 20:58:00 8,704 ----a-w c:\windows\system32\wdfmgr.exe
- 2005-01-28 11:32:44 396,528 ----a-w c:\windows\system32\wmadmod.dll
+ 2006-10-18 20:47:18 757,248 ----a-w c:\windows\system32\WMADMOD.dll
- 2005-01-28 06:53:18 716,288 ----a-w c:\windows\system32\wmadmoe.dll
+ 2006-10-18 20:47:18 1,117,696 ----a-w c:\windows\system32\WMADMOE.dll
- 2007-10-20 05:01:32 227,328 ----a-w c:\windows\system32\wmasf.dll
+ 2006-10-18 20:47:18 222,208 ----a-w c:\windows\system32\WMASF.dll
- 2005-01-28 06:53:20 28,160 ----a-w c:\windows\system32\WMDMLOG.dll
+ 2006-10-18 20:47:18 33,792 ----a-w c:\windows\system32\wmdmlog.dll
- 2005-01-28 06:53:20 33,792 ----a-w c:\windows\system32\WMDMPS.dll
+ 2006-10-18 20:47:18 37,376 ----a-w c:\windows\system32\wmdmps.dll
- 2005-01-28 06:53:50 335,872 ----a-w c:\windows\system32\WMDRMdev.dll
+ 2006-10-18 20:47:18 429,056 ----a-w c:\windows\system32\wmdrmdev.dll
- 2005-01-28 06:53:54 290,816 ----a-w c:\windows\system32\WMDRMNet.dll
+ 2006-10-18 20:47:20 348,672 ----a-w c:\windows\system32\wmdrmnet.dll
- 2005-01-28 14:15:34 197,120 ----a-w c:\windows\system32\wmerror.dll
+ 2007-01-05 19:55:54 238,592 ----a-w c:\windows\system32\wmerror.dll
- 2005-01-28 06:53:16 150,016 ----a-w c:\windows\system32\wmidx.dll
+ 2006-10-18 20:47:20 157,184 ----a-w c:\windows\system32\wmidx.dll
- 2005-01-28 06:53:16 1,027,072 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2006-10-18 20:47:20 937,984 ----a-w c:\windows\system32\WMNetMgr.dll
- 2007-04-30 07:20:24 5,537,792 ----a-w c:\windows\system32\wmp.dll
+ 2006-10-18 20:47:20 10,834,432 ----a-w c:\windows\system32\wmp.dll
- 2005-01-28 06:53:20 135,168 ----a-w c:\windows\system32\wmpasf.dll
+ 2006-10-18 20:47:20 242,688 ----a-w c:\windows\system32\wmpasf.dll
- 2005-01-28 06:53:20 282,624 ----a-w c:\windows\system32\wmpdxm.dll
+ 2006-10-18 20:47:20 314,880 ----a-w c:\windows\system32\wmpdxm.dll
- 2005-01-28 06:53:18 1,594,880 ----a-w c:\windows\system32\wmpencen.dll
+ 2006-10-18 20:47:20 1,661,440 ----a-w c:\windows\system32\wmpencen.dll
- 2005-01-28 14:15:26 3,391,488 ----a-w c:\windows\system32\wmploc.dll
+ 2007-01-05 20:33:02 8,257,536 ----a-w c:\windows\system32\wmploc.dll
- 2005-01-28 14:15:28 86,016 ----a-w c:\windows\system32\wmpshell.dll
+ 2007-01-05 19:57:10 99,840 ----a-w c:\windows\system32\wmpshell.dll
- 2005-01-28 06:53:18 175,104 ----a-w c:\windows\system32\wmpsrcwp.dll
+ 2006-10-18 20:47:20 204,288 ----a-w c:\windows\system32\wmpsrcwp.dll
- 2005-01-28 11:32:56 774,904 ----a-w c:\windows\system32\wmsdmod.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmsdmod.dll
- 2005-01-28 06:53:18 1,119,744 ----a-w c:\windows\system32\wmsdmoe2.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmsdmoe2.dll
- 2005-01-28 11:32:44 413,944 ----a-w c:\windows\system32\wmspdmod.dll
+ 2006-10-18 20:47:22 603,648 ----a-w c:\windows\system32\WMSPDMOD.dll
- 2005-01-28 06:53:18 940,544 ----a-w c:\windows\system32\wmspdmoe.dll
+ 2006-10-18 20:47:22 1,329,152 ----a-w c:\windows\system32\WMSPDMOE.dll
- 2005-01-28 11:32:56 1,218,808 ----a-w c:\windows\system32\wmvadvd.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\WMVADVD.dll
- 2005-01-28 06:53:20 1,512,448 ----a-w c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\WMVADVE.DLL
- 2006-12-07 05:29:34 2,374,472 ----a-w c:\windows\system32\wmvcore.dll
+ 2006-10-18 20:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
- 2005-01-28 11:32:58 895,736 ----a-w c:\windows\system32\wmvdmod.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmvdmod.dll
- 2005-01-28 06:53:18 1,003,008 ----a-w c:\windows\system32\wmvdmoe2.dll
+ 2006-10-18 20:47:22 4,096 ----a-w c:\windows\system32\wmvdmoe2.dll
- 2005-01-27 23:36:28 38,912 ----a-w c:\windows\system32\wpd_ci.dll
+ 2006-10-18 20:47:22 629,760 ----a-w c:\windows\system32\wpd_ci.dll
- 2005-01-27 23:36:20 61,952 ----a-w c:\windows\system32\wpdconns.dll
+ 2006-10-18 20:47:22 35,840 ----a-w c:\windows\system32\wpdconns.dll
- 2005-01-27 23:36:24 114,176 ----a-w c:\windows\system32\wpdmtp.dll
+ 2006-10-18 20:47:22 154,624 ----a-w c:\windows\system32\wpdmtp.dll
- 2005-01-27 23:36:22 66,560 ----a-w c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 20:47:22 63,488 ----a-w c:\windows\system32\wpdmtpus.dll
- 2008-05-08 07:15:20 38,400 ----a-w c:\windows\system32\wpdshextres.dll
+ 2006-11-02 10:51:40 39,936 ----a-w c:\windows\system32\wpdshextres.dll
- 2005-01-27 23:36:28 331,264 ----a-w c:\windows\system32\wpdsp.dll
+ 2006-10-18 20:47:22 356,352 ----a-w c:\windows\system32\wpdsp.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-13 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-10-23 1235736]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-06-19 262144]
"snpstd3"="c:\windows\vsnpstd3.exe" [2006-05-12 831488]
"ConMet"="c:\program files\ConMet\ConMet.exe" [2008-10-29 3423232]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-17 136600]
"nwiz"="nwiz.exe" [2008-05-16 c:\windows\system32\nwiz.exe]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 c:\windows\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"nltide_2"="shell32" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
APC UPS Status.lnk - c:\program files\APC\APC PowerChute Personal Edition\Display.exe [2008-09-11 221247]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\Drivers\avgrkx86.sys [2008-07-29 12936]
R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys []
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-07-29 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-07-29 90632]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [2007-04-26 302000]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [2007-04-26 72624]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-08-16 269736]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-23 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-09-11 231704]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-04-13 69120]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2008-08-16 65576]
S2 SPF4;Sunbelt Personal Firewall 4;"c:\program files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 1234480]
S3 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);c:\windows\system32\DRIVERS\ss_bus.sys [2008-10-29 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;c:\windows\system32\DRIVERS\ss_mdfl.sys [2008-10-29 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;c:\windows\system32\DRIVERS\ss_mdm.sys [2008-10-29 94000]
S3 TVICHW32;TVICHW32;\??\c:\windows\system32\DRIVERS\TVICHW32.SYS [2008-08-21 23600]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-SDFix - c:\sdfix\RunThis.bat



**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-17 18:34:43
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2008-11-17 18:36:57
ComboFix-quarantined-files.txt 2008-11-17 17:36:51
ComboFix2.txt 2008-11-17 16:36:45

Před spuštěním: Volných bajtů: 97 714 098 176
Po spuštění: Volných bajtů: 97,698,066,432

628 --- E O F --- 2008-11-12 17:07:40

Ještě nový log z HJT a info o chování compu.

PC se zdá rychlejší ale start je pořád stejný, strašně pomalí.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:20:38, on 17.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ConMet\ConMet.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.atlas.cz/?from=icqhp
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQToolbar\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [ConMet] C:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: APC UPS Status.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 7437555218
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6856779218
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8139608121
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://plugin.driveragent.com/files/driveragent.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA296C35-9602-496E-B75A-7D30844FCA9C}: NameServer = 192.168.1.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe

--
End of file - 10526 bytes

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.

Možno zkusit tu defragmentaci, i když to ukazuje ,že není potřeba. Kontrolu HDD a RAM (Memtest).Aktualizovat javu viz výše.Zkusit vypnout Kerio,i některé nepotřebné programy po spuštění.