problém s wifi prosím o kontrolu logu. díky

[Max_cz]

Zdravím,

tak po dlouhé době mi PC začalo zase zlobit píše mi to tuto hlášku viz. příloha

Nenalezne mi žádné wifi sítě a ani přes kabel se nepřipojím

pro jistotu přidávám log

Logfile of random's system information tool 1.08 (written by random/random)
Run by Max_cz at 2011-07-14 19:04:03
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 36 GB (21%) free of 175 GB
Total RAM: 2046 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:04:33, on 14.7.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Max_cz\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\totalcmd\totalcmd_.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Max_cz\Downloads\RSIT.exe
C:\Program Files\trend micro\Max_cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Max_cz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [DeskUpdateNotifier] "C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2010\qip.exe" /autorun
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Max_cz\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: EsiStartServer.lnk = I:\Program Files\Bosch\ESItronic\EsiStartServer.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP chain gap (#2 in chain of 24 missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: QipGuard - QIP.ru - C:\Program Files\QipGuard\QipGuard.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 9615 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3232157848-3325072676-3102783843-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3232157848-3325072676-3102783843-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Max_cz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-06-24 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-02-28 1089288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-10 4431872]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-04-16 2183680]
"DeskUpdateNotifier"=C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [2010-10-13 97560]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"KTSInit"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"=C:\Program Files\WhatPulse\WhatPulse.exe [2010-08-09 2922496]
""= []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Infium"=C:\Program Files\QIP 2010\qip.exe [2011-06-24 6804864]
"QIP Internet Guardian"=C:\Users\Max_cz\AppData\Roaming\QipGuard\QipGuard.exe [2011-06-24 190336]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe [2007-06-26 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-02-06 622592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2006-07-19 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeskUpdateNotifier]
C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [2010-10-13 97560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Max_cz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files\QIP 2010\qip.exe [2011-06-24 6804864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-11-10 4240760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]
C:\PROGRA~1\WESTER~1\WDSMAR~1\WDDRIV~1\WDDMST~1.EXE [2010-01-21 2057536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDSmartWare.lnk]
C:\PROGRA~1\WESTER~1\WDSMAR~1\FRONTP~1\WDSMAR~1.EXE [2010-01-21 9136960]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
EsiStartServer.lnk - I:\Program Files\Bosch\ESItronic\EsiStartServer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-07-14 08:01:07 ----ASH---- C:\hiberfil.sys
2011-07-14 07:49:54 ----A---- C:\Windows\ntbtlog.txt
2011-07-11 21:14:40 ----D---- C:\usr
2011-07-04 20:10:41 ----D---- C:\Program Files\The KMPlayer
2011-07-04 11:22:49 ----D---- C:\Program Files\QipGuard
2011-07-04 11:22:35 ----D---- C:\Users\Max_cz\AppData\Roaming\QipGuard
2011-07-02 21:40:34 ----A---- C:\Windows\IsUn0407.exe
2011-07-02 21:27:15 ----D---- C:\BOSCH_PR
2011-07-02 14:39:31 ----AH---- C:\Windows\system32\psvince.dll
2011-07-02 14:39:31 ----A---- C:\Windows\system32\msvcr71d.dll
2011-07-02 14:39:30 ----A---- C:\Windows\system32\MFC71.dll
2011-07-02 14:39:30 ----A---- C:\Windows\system32\awn32b.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\vb5de.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\rdo20de.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\PWUtility.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\pcclpde.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\mfc40loc.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\flxgdde.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\dtcutil.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\dtctrace.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\dtccm.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\cmdlgde.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\cmctlde.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\cmct2de.dll
2011-07-02 14:35:09 ----A---- C:\Windows\system32\adme.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Oc30.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\msvbvm50.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Lttwn80n.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Ltkrn80n.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Ltimg80n.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Ltfil80n.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Ltefx80n.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Lftif80n.dll
2011-07-02 14:35:08 ----A---- C:\Windows\system32\Lffax80n.dll
2011-07-02 14:35:07 ----A---- C:\Windows\system32\xcd73532.dll
2011-07-02 14:30:16 ----A---- C:\Windows\system32\ldf251.dll
2011-07-02 14:30:16 ----A---- C:\Windows\system32\dslang32.dll
2011-07-02 14:30:04 ----A---- C:\Windows\system32\vbar332.dll
2011-07-02 14:30:04 ----A---- C:\Windows\system32\msrepl35.dll
2011-07-02 14:30:04 ----A---- C:\Windows\system32\Msrd2x35.dll
2011-07-02 14:30:04 ----A---- C:\Windows\system32\msjet35.dll
2011-07-02 14:30:03 ----A---- C:\Windows\system32\MSJTER35.DLL
2011-07-02 14:30:03 ----A---- C:\Windows\system32\MSJINT35.DLL
2011-07-02 14:30:01 ----D---- C:\Program Files\Common Files\Spielberg DMS
2011-07-02 14:29:49 ----A---- C:\Windows\system32\acgm.dll
2011-07-02 14:29:29 ----A---- C:\Windows\system32\snbdpl1.dll
2011-07-02 14:29:29 ----A---- C:\Windows\system32\snbd9dm.dll
2011-07-02 14:29:29 ----A---- C:\Windows\system32\snbd8w98.dll
2011-07-02 14:29:29 ----A---- C:\Windows\system32\snbd10dm.dll
2011-07-02 14:29:29 ----A---- C:\Windows\system32\igsnrn22.dll
2011-07-02 14:29:28 ----A---- C:\Windows\system32\igsnpb22.dll
2011-07-02 14:29:28 ----A---- C:\Windows\system32\igsnol22.dll
2011-07-02 14:29:28 ----A---- C:\Windows\system32\Igsncx22.dll
2011-07-02 14:29:28 ----A---- C:\Windows\system32\igsncm22.dll
2011-07-02 14:28:01 ----D---- C:\Windows\system32\Adobe
2011-07-02 14:24:44 ----A---- C:\Windows\ESIDATA.ini
2011-07-02 14:24:43 ----A---- C:\Windows\IsUn0405.exe
2011-07-02 09:25:45 ----D---- C:\Users\Max_cz\AppData\Roaming\TeamViewer
2011-07-02 08:50:04 ----A---- C:\Windows\RBSystem.ini
2011-07-02 08:50:01 ----RASH---- C:\MSDOS.SYS
2011-07-02 08:50:01 ----RASH---- C:\IO.SYS
2011-07-02 08:34:29 ----D---- C:\Program Files\Common Files\Autodata Limited Shared
2011-06-30 18:44:55 ----A---- C:\Windows\system32\schannel.dll
2011-06-15 20:14:57 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-15 20:14:56 ----A---- C:\Windows\system32\iertutil.dll
2011-06-15 20:14:55 ----A---- C:\Windows\system32\jscript9.dll
2011-06-15 20:14:55 ----A---- C:\Windows\system32\jscript.dll
2011-06-15 20:14:55 ----A---- C:\Windows\system32\ieui.dll
2011-06-15 20:14:53 ----A---- C:\Windows\system32\mshtml.dll
2011-06-15 20:14:52 ----A---- C:\Windows\system32\ieframe.dll
2011-06-15 20:14:51 ----A---- C:\Windows\system32\urlmon.dll
2011-06-15 18:36:10 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-06-15 18:35:20 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-15 18:35:07 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-15 18:35:06 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-15 18:34:56 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-15 18:34:18 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-15 18:34:12 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-15 18:34:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-15 18:34:10 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

======List of files/folders modified in the last 1 months======

2011-07-14 19:04:07 ----D---- C:\Program Files\trend micro
2011-07-14 19:03:58 ----D---- C:\Windows\Temp
2011-07-14 19:03:27 ----A---- C:\Windows\WINCMD.INI
2011-07-14 19:02:47 ----D---- C:\Windows\System32
2011-07-14 19:02:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-14 18:58:38 ----D---- C:\Program Files\QIP 2010
2011-07-14 07:49:54 ----D---- C:\Windows
2011-07-14 07:15:37 ----D---- C:\Windows\Minidump
2011-07-13 20:49:56 ----SHD---- C:\System Volume Information
2011-07-13 20:48:31 ----D---- C:\Windows\system32\catroot
2011-07-13 20:48:27 ----D---- C:\Windows\winsxs
2011-07-13 20:47:58 ----D---- C:\Windows\system32\catroot2
2011-07-13 20:33:22 ----D---- C:\Users\Max_cz\AppData\Roaming\Azureus
2011-07-12 19:33:39 ----D---- C:\Users\Max_cz\AppData\Roaming\Skype
2011-07-12 07:20:47 ----D---- C:\ProgramData\Spyware Terminator
2011-07-11 21:37:57 ----D---- C:\Users\Max_cz\AppData\Roaming\Spyware Terminator
2011-07-11 18:31:05 ----D---- C:\Windows\Prefetch
2011-07-10 20:10:10 ----D---- C:\Program Files\Mozilla Thunderbird
2011-07-10 20:08:08 ----D---- C:\Windows\system32\Tasks
2011-07-10 19:15:36 ----SHD---- C:\Windows\Installer
2011-07-10 19:15:36 ----D---- C:\ProgramData\Real
2011-07-10 19:15:36 ----D---- C:\Program Files\Real
2011-07-10 19:15:33 ----D---- C:\Program Files\Common Files
2011-07-10 19:15:24 ----D---- C:\Users\Max_cz\AppData\Roaming\Real
2011-07-10 12:12:14 ----RD---- C:\Program Files\Skype
2011-07-10 12:12:05 ----D---- C:\ProgramData\Skype
2011-07-10 12:11:19 ----D---- C:\Users\Max_cz\AppData\Roaming\skypePM
2011-07-08 21:10:15 ----A---- C:\Windows\wcx_ftp.ini
2011-07-06 19:40:50 ----D---- C:\ProgramData\Skype Extras
2011-07-04 20:10:41 ----RD---- C:\Program Files
2011-07-04 17:33:23 ----RSD---- C:\Windows\Fonts
2011-07-04 16:43:41 ----D---- C:\Users\Max_cz\AppData\Roaming\Adobe
2011-07-02 21:28:34 ----A---- C:\Windows\win.ini
2011-07-02 14:46:11 ----D---- C:\Windows\system
2011-07-02 14:28:03 ----D---- C:\Program Files\Common Files\Adobe
2011-07-02 08:33:53 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-06-30 19:35:52 ----D---- C:\Program Files\Mozilla Firefox
2011-06-30 19:35:50 ----D---- C:\Users\Max_cz\AppData\Roaming\Mozilla
2011-06-30 18:55:25 ----D---- C:\Program Files\Microsoft Office
2011-06-27 20:53:34 ----D---- C:\Windows\inf
2011-06-21 07:54:24 ----D---- C:\Users\Max_cz\AppData\Roaming\WhatPulse
2011-06-16 20:39:53 ----D---- C:\Windows\Debug
2011-06-16 18:14:30 ----D---- C:\Windows\Microsoft.NET
2011-06-16 18:14:26 ----RSD---- C:\Windows\assembly
2011-06-15 20:37:47 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-15 20:36:10 ----D---- C:\Program Files\Internet Explorer
2011-06-15 20:36:10 ----AD---- C:\Windows\system32\drivers
2011-06-15 20:29:46 ----D---- C:\ProgramData\Microsoft Help
2011-06-15 20:00:38 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-10-08 43872]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-05 218688]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKslcfa6e49b;MpKslcfa6e49b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\MpKslcfa6e49b.sys [2011-07-14 28752]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\Windows\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-04-16 142592]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-04-11 2589696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-10 1764960]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-02-25 2216448]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2010-09-27 10368]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S1 MpKsl1152fe9d;MpKsl1152fe9d; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5E84D66D-2C0E-43C4-AC2B-E3329B6A8CB5}\MpKsl1152fe9d.sys []
S1 MpKsl26fa3950;MpKsl26fa3950; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{892308C0-CF3B-4AEE-BC58-871E6E355D5C}\MpKsl26fa3950.sys []
S1 MpKsl2a330c8e;MpKsl2a330c8e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{892308C0-CF3B-4AEE-BC58-871E6E355D5C}\MpKsl2a330c8e.sys []
S1 MpKsl30856802;MpKsl30856802; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B137742-A5FE-43E4-8645-D4F42AAC3CE2}\MpKsl30856802.sys []
S1 MpKsl35e67200;MpKsl35e67200; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA63AE2E-7CE3-46A2-902D-385ABB9A99C0}\MpKsl35e67200.sys []
S1 MpKsl3a901d80;MpKsl3a901d80; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{862475EF-0332-4BA4-A685-496737F136A5}\MpKsl3a901d80.sys []
S1 MpKsl3c755284;MpKsl3c755284; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{97B774E1-B3D3-48E7-8681-5B2E23C57AF0}\MpKsl3c755284.sys []
S1 MpKsl52f4271c;MpKsl52f4271c; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{575CCC8F-B102-4009-8F4F-499B21F570C5}\MpKsl52f4271c.sys []
S1 MpKsl71b726d9;MpKsl71b726d9; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{97B774E1-B3D3-48E7-8681-5B2E23C57AF0}\MpKsl71b726d9.sys []
S1 MpKsl7c4b893b;MpKsl7c4b893b; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{862475EF-0332-4BA4-A685-496737F136A5}\MpKsl7c4b893b.sys []
S1 MpKsl81ce2434;MpKsl81ce2434; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EE3D38C7-6858-4430-B946-8200D4CD84DE}\MpKsl81ce2434.sys []
S1 MpKsla16b7703;MpKsla16b7703; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8AA61F31-3F22-4FD7-B64A-48A4F2C0294B}\MpKsla16b7703.sys []
S1 MpKslb7c97bcf;MpKslb7c97bcf; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF859043-4732-418F-A942-24E0B82DB57E}\MpKslb7c97bcf.sys []
S1 MpKslba370e4e;MpKslba370e4e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{892308C0-CF3B-4AEE-BC58-871E6E355D5C}\MpKslba370e4e.sys []
S1 MpKslda0c1349;MpKslda0c1349; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9B137742-A5FE-43E4-8645-D4F42AAC3CE2}\MpKslda0c1349.sys []
S1 MpKsldb9acc52;MpKsldb9acc52; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\MpKsldb9acc52.sys [2011-07-14 28752]
S1 MpKslf614e29e;MpKslf614e29e; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\MpKslf614e29e.sys [2011-07-14 28752]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EuDisk;EASEUS Disk Enumerator; C:\Windows\system32\DRIVERS\EuDisk.sys [2009-12-02 123784]
S3 FIXUSTOR;FIXUSTOR; C:\Windows\system32\DRIVERS\fixustor.sys [2009-04-23 15360]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 94336]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2010-12-02 18304]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2010-12-02 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-12-02 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-10 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-12-02 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2007-05-09 48640]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-04-11 593920]
R2 Autodata Limited License Service;Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [2011-07-02 72704]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 QipGuard;QipGuard; C:\Program Files\QipGuard\QipGuard.exe [2011-06-24 190336]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-04-16 488960]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-27 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------


Předem moc děkuji

[Max_cz]

jen abych upřesnil, služby mám dané na automatické puštění, ale nechtějí se pustit, když ji pustím, tak píše chybu 1747

[motji]

Dobrý večer
Poprosím i o druhý log ze rsitu s názvem info.txt.

[Max_cz]

notebook se i abnormáně dlouho pouštěl, vyčištění CCcleanerem a je to lepší...

Díky

info.txt logfile of random's system information tool 1.08 2010-09-28 21:57:43

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
ACDSee 9 Photo Manager-->MsiExec.exe /I{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Photoshop Lightroom 2.1-->MsiExec.exe /I{42A96544-2842-444E-8A27-A61848DDEC87}
Adobe Photoshop Lightroom-->MsiExec.exe /I{EED085D5-A3FA-4FB2-BC93-48C1194E6E26}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Azureus-->C:\Program Files\Azureus\Uninstall.exe
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
BlazeDTV 6.0-->"C:\Program Files\BlazeVideo\BlazeDTV 6.0\unins000.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
DeskUpdate 4.10-->"C:\Program Files\Fujitsu\DeskUpdate\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216021FF}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{7B1AF68B-4606-4152-9991-1E9D4FF5F0FA}
Microsoft Antimalware-->MsiExec.exe /X{E62A1F01-07B7-4541-A835-EE5B0BF064C2}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{EF98A02A-1748-4762-9B7D-5ED1600520D5}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller
MozBackup 1.4.10-->C:\Program Files\MozBackup\Uninstall.exe
Mozilla Firefox (3.6.10)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (3.1.4)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Nero 7 Ultra Edition-->MsiExec.exe /X{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{F1FDAA01-988C-423F-AC12-0D8F333943FD}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}
Nokia Ovi Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{B8B4446F-87E1-4423-A47A-16832C24A199}
Ovi Desktop Sync Engine-->MsiExec.exe /X{8112C6B3-91E1-4560-8AB9-876DADFA37C5}
OviMPlatform-->MsiExec.exe /I{749A1EDD-16C2-4C63-B013-D38F0F953973}
PC Connectivity Solution-->MsiExec.exe /I{45DF6D99-666D-41FA-8D62-0E183B6240F3}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}
Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office Outlook 2007 (KB2288953)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8B772E1C-7C05-42D2-839D-3EC2D39EFF22}
Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Sunbelt Personal Firewall-->MsiExec.exe /X{82B1150E-9B37-49FC-83EB-D52197D900D0}
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Outlook 2007 Junk Email Filter (kb2291599)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {768A5B4B-2FDF-4F3D-981E-33C53724BBC8}
WD SmartWare-->MsiExec.exe /X{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}
WhatPulse 1.7-->C:\Program Files\WhatPulse\uninst.exe
Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}
Windows Live Sync-->MsiExec.exe /X{1407B87C-36E3-4FC1-9051-D08B21E1096F}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

FW: Sunbelt Personal Firewall
AS: Windows Defender (disabled)

======System event log======

Computer Name: Max_cz-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 972145-716_neutral_PACKAGE z balíčku KB972145 (Update) do stavu Řešení(Resolving).
Record Number: 30881
Source Name: Microsoft-Windows-Servicing
Time Written: 20100923053210.000000-000
Event Type: Informace
User: Max_cz-PC\Max_cz

Computer Name: Max_cz-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 972145-715_neutral_PACKAGE z balíčku KB972145 (Update) do stavu Řešení(Resolving).
Record Number: 30880
Source Name: Microsoft-Windows-Servicing
Time Written: 20100923053210.000000-000
Event Type: Informace
User: Max_cz-PC\Max_cz

Computer Name: Max_cz-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 972145-714_neutral_PACKAGE z balíčku KB972145 (Update) do stavu Řešení(Resolving).
Record Number: 30879
Source Name: Microsoft-Windows-Servicing
Time Written: 20100923053210.000000-000
Event Type: Informace
User: Max_cz-PC\Max_cz

Computer Name: Max_cz-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 972145-713_neutral_PACKAGE z balíčku KB972145 (Update) do stavu Řešení(Resolving).
Record Number: 30878
Source Name: Microsoft-Windows-Servicing
Time Written: 20100923053210.000000-000
Event Type: Informace
User: Max_cz-PC\Max_cz

Computer Name: Max_cz-PC
Event Code: 4383
Message: Služba Windows Servicing dokončila proces změny aktualizace 972145-712_neutral_PACKAGE z balíčku KB972145 (Update) do stavu Řešení(Resolving).
Record Number: 30877
Source Name: Microsoft-Windows-Servicing
Time Written: 20100923053210.000000-000
Event Type: Informace
User: Max_cz-PC\Max_cz

=====Application event log=====

Computer Name: 26L2233B2-11
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 5
Source Name: Microsoft-Windows-Search
Time Written: 20100922190216.000000-000
Event Type: Informace
User:

Computer Name: 26L2233B2-11
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100922190214.000000-000
Event Type: Informace
User:

Computer Name: 26L2233B2-11
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 3
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100922190212.000000-000
Event Type: Informace
User:

Computer Name: 26L2233B2-11
Event Code: 900
Message: Služba Licencování softwaru se spouští.

Record Number: 2
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20100922190212.000000-000
Event Type: Informace
User:

Computer Name: LH-KJ5YV0VJ2QKC
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100922190211.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: 26L2233B2-11
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 26L2233B2-11$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x1dc
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100922190150.635112-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-11
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x570a5
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100922190145.908282-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-11
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100922190143.724268-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-11
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100922190143.724268-000
Event Type: Úspěch auditu
User:

Computer Name: 26L2233B2-11
Event Code: 4647
Message: Odhlášení spuštěné uživatelem:

Předmět:
ID zabezpečení: S-1-5-21-2152478756-3922319563-605102323-500
Název účtu: Administrator
Doména účtu: 26L2233B2-11
ID přihlášení: 0x8496a

Tato událost je generována, pokud je spuštěno odhlášení, ale počet referencí na token není nulový a relaci přihlášení nelze zničit. Není povolena žádná další uživatelem spuštěná akce. Tuto událost lze interpretovat jako událost odhlášení.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20061102130954.400000-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

[motji]

Neinstaloval jste nějaký nový program? Odkdy to dělá?
Můžete se podívat do protokolu událostí, co to hlásí za chybu?

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[Max_cz]

Dělá to od stažení aktualizací windowsů, instaloval jsem i diagnostický program co využívám k práci, s ním to šlo normálně přes týden. Navíc mám tyto programy dané na externím disku.
MBAM sem stáhl včera a projel to s ním a nic to nenašlo, tak mi přijde zbytečné házet log, kde nic není. Jediné co se mi nepovedlo tak ho aktualizovat, jelikož mi nejde ani wifi ani přes LAN, tudíž píšu z druhého PC.

+ teď tak pátrám v paměti, co sem odklikl u spyware terminator a psalo mi to něco backdoor něco a já dal povolit....
Jinak myslel jsem, že když odinstaluji spaware terminator, že se to zlepší, jelikož i on vypínal neustále ty procesy jako svchost.exe atd... Ale stále nic

Kde najdu protokol událostí? Díky

[motji]

Tak první zkusíme test na viry.

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[Max_cz]

Tak jsem pustil ComboFix, po restartu PC combem naběhla wifi a vše OK

Tady je ještě log, jen doufám, že bude OK, nějak během vytváření zničeho nic se restartovalo PC


ComboFix 11-07-15.03 - Max_cz 16.07.2011 22:20:08.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1068 [GMT 2:00]
Spuštěný z: C:\Users\Max_cz\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Windows\IsUn0405.exe
C:\Windows\IsUn0407.exe
C:\Windows\system32\Config.ini


((((((((((((((((((((((((( Soubory vytvořené od 2011-06-16 do 2011-07-16 )))))))))))))))))))))))))))))))


2011-07-16 11:00:13 . 2011-07-16 11:00:13 28752 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\MpKsld595845f.sys
2011-07-15 19:39:52 . 2011-07-15 19:39:52 -------- d-----w- C:\Users\Max_cz\AppData\Roaming\Malwarebytes
2011-07-15 19:37:09 . 2010-11-29 15:42:18 38224 ----a-w- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-07-15 19:37:08 . 2011-07-15 19:37:08 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-15 19:37:04 . 2011-07-15 19:37:11 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-15 19:37:04 . 2010-11-29 15:42:06 20952 ----a-w- C:\Windows\system32\drivers\mbam.sys
2011-07-13 18:50:19 . 2011-06-07 15:55:46 7074640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\mpengine.dll
2011-07-11 19:28:22 . 2011-07-11 19:28:22 62885 ----a-w- C:\Users\Max_cz\ia_remove.sh3414.tmp
2011-07-11 19:14:40 . 2011-07-11 19:14:40 -------- d-----w- C:\usr
2011-07-11 18:48:33 . 2011-07-11 19:14:41 -------- d--h--w- C:\Users\Max_cz\Zero G Registry
2011-07-11 16:31:21 . 2011-07-11 16:31:21 404640 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2011-07-04 18:10:41 . 2011-07-04 18:12:56 -------- d-----w- C:\Program Files\The KMPlayer
2011-07-04 09:22:49 . 2011-07-04 09:22:49 -------- d-----w- C:\Program Files\QipGuard
2011-07-04 09:22:35 . 2011-07-04 09:22:36 -------- d-----w- C:\Users\Max_cz\AppData\Roaming\QipGuard
2011-07-04 09:22:25 . 2011-06-24 13:16:46 141184 ----a-w- C:\Users\Max_cz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
2011-07-02 19:29:13 . 2000-08-20 22:00:00 1388544 ----a-w- C:\Windows\system32\temp.001
2011-07-02 19:27:15 . 2011-07-02 19:40:20 -------- d-----w- C:\BOSCH_PR
2011-07-02 12:46:29 . 2010-07-07 11:26:32 428544 ----a-w- C:\Windows\system32\rbsys.cpl
2011-07-02 12:46:11 . 2010-02-24 09:30:36 62480 ----a-w- C:\Windows\system\rbserial.dll
2011-07-02 12:39:31 . 2003-03-19 02:03:50 544768 ----a-w- C:\Windows\system32\msvcr71d.dll
2011-07-02 12:39:31 . 2001-12-19 21:03:26 36864 ---ha-w- C:\Windows\system32\psvince.dll
2011-07-02 12:39:30 . 2004-04-23 10:37:12 127488 ----a-w- C:\Windows\system32\awn32b.dll
2011-07-02 12:39:30 . 2003-03-19 05:20:00 1060864 ----a-w- C:\Windows\system32\MFC71.dll
2011-07-02 12:30:16 . 2003-02-14 14:31:32 655360 ----a-w- C:\Windows\system32\dslang32.dll
2011-07-02 12:30:16 . 2001-07-03 18:05:22 671744 ----a-w- C:\Windows\system32\DSScan.ocx
2011-07-02 12:30:16 . 2000-02-01 13:45:34 327680 ----a-w- C:\Windows\system32\ldf251.dll
2011-07-02 12:30:04 . 1999-03-24 00:06:48 1046288 ----a-w- C:\Windows\system32\msjet35.dll
2011-07-02 12:30:04 . 1998-12-04 08:13:10 415504 ----a-w- C:\Windows\system32\msrepl35.dll
2011-07-02 12:30:04 . 1998-04-26 22:00:00 570128 ----a-w- C:\Program Files\Common Files\Microsoft Shared\DAO\DAO350.DLL
2011-07-02 12:30:04 . 1998-04-23 23:00:00 368912 ----a-w- C:\Windows\system32\vbar332.dll
2011-07-02 12:30:04 . 1997-06-23 00:00:00 252176 ----a-w- C:\Windows\system32\Msrd2x35.dll
2011-07-02 12:30:03 . 2001-02-02 13:48:00 123664 ----a-w- C:\Windows\system32\MSJINT35.DLL
2011-07-02 12:30:03 . 2000-05-21 23:00:00 140488 ----a-w- C:\Windows\system32\COMDLG32.OCX
2011-07-02 12:30:03 . 2000-02-10 19:50:48 36864 ----a-w- C:\Windows\system32\MSJTER35.DLL
2011-07-02 12:30:01 . 2011-07-02 19:29:35 -------- d-----w- C:\Program Files\Common Files\Spielberg DMS
2011-07-02 12:30:01 . 2000-08-20 22:00:00 1388544 ----a-w- C:\Windows\system32\temp.000
2011-07-02 12:29:49 . 2004-05-04 08:17:38 2060288 ----a-w- C:\Windows\system32\acgm.dll
2011-07-02 12:29:29 . 2005-01-19 13:42:44 557056 ----a-w- C:\Windows\system32\snbd10dm.dll
2011-07-02 12:29:29 . 2005-01-19 13:42:44 531968 ----a-w- C:\Windows\system32\snbd9dm.dll
2011-07-02 12:29:29 . 2005-01-19 13:42:44 526336 ----a-w- C:\Windows\system32\snbd8w98.dll
2011-07-02 12:29:29 . 2005-01-19 13:42:44 33280 ----a-w- C:\Windows\system32\snbdpl1.dll
2011-07-02 12:29:29 . 2005-01-19 13:42:42 606208 ----a-w- C:\Windows\system32\igsnrn22.dll
2011-07-02 12:29:28 . 2005-01-19 13:42:42 86528 ----a-w- C:\Windows\system32\Igsncx22.dll
2011-07-02 12:29:28 . 2005-01-19 13:42:42 385536 ----a-w- C:\Windows\system32\igsncm22.dll
2011-07-02 12:29:28 . 2005-01-19 13:42:42 38400 ----a-w- C:\Windows\system32\igsnol22.dll
2011-07-02 12:29:28 . 2005-01-19 13:42:42 125952 ----a-w- C:\Windows\system32\igsnpb22.dll
2011-07-02 12:28:01 . 2011-07-02 12:28:01 -------- d-----w- C:\Windows\system32\Adobe
2011-07-02 07:25:45 . 2011-07-02 07:25:45 -------- d-----w- C:\Users\Max_cz\AppData\Roaming\TeamViewer
2011-07-02 06:34:29 . 2011-07-02 06:34:29 -------- d-----w- C:\Program Files\Common Files\Autodata Limited Shared
2011-06-30 16:44:55 . 2011-04-29 15:59:36 276992 ----a-w- C:\Windows\system32\schannel.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-06-07 15:55:46 . 2010-09-25 01:10:57 7074640 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-02 17:16:14 . 2011-06-15 16:34:18 739328 ----a-w- C:\Windows\system32\inetcomm.dll
2011-04-29 14:06:14 . 2011-04-29 14:08:27 668938 ----a-w- C:\Windows\unins000.exe
2011-04-29 13:25:10 . 2011-06-15 16:35:07 146432 ----a-w- C:\Windows\system32\drivers\srv2.sys
2011-04-29 13:25:09 . 2011-06-15 16:35:06 102400 ----a-w- C:\Windows\system32\drivers\srvnet.sys
2011-04-29 13:24:50 . 2011-06-15 16:34:12 214016 ----a-w- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24:42 . 2011-06-15 16:34:11 79872 ----a-w- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24:40 . 2011-06-15 16:34:10 106496 ----a-w- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-25 18:10:22 . 2011-04-25 18:10:22 161792 ----a-w- C:\Windows\system32\msls31.dll
2011-04-25 18:10:22 . 2011-04-25 18:10:22 1126912 ----a-w- C:\Windows\system32\wininet.dll
2011-04-25 18:10:19 . 2011-04-25 18:10:19 86528 ----a-w- C:\Windows\system32\iesysprep.dll
2011-04-25 18:10:19 . 2011-04-25 18:10:19 76800 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe
2011-04-25 18:10:19 . 2011-04-25 18:10:19 74752 ----a-w- C:\Windows\system32\RegisterIEPKEYs.exe
2011-04-25 18:10:19 . 2011-04-25 18:10:19 48640 ----a-w- C:\Windows\system32\mshtmler.dll
2011-04-25 18:10:18 . 2011-04-25 18:10:18 63488 ----a-w- C:\Windows\system32\tdc.ocx
2011-04-25 18:10:17 . 2011-04-25 18:10:17 367104 ----a-w- C:\Windows\system32\html.iec
2011-04-25 18:10:15 . 2011-04-25 18:10:15 74752 ----a-w- C:\Windows\system32\iesetup.dll
2011-04-25 18:10:14 . 2011-04-25 18:10:14 23552 ----a-w- C:\Windows\system32\licmgr10.dll
2011-04-25 18:10:14 . 2011-04-25 18:10:14 1427456 ----a-w- C:\Windows\system32\inetcpl.cpl
2011-04-25 18:10:13 . 2011-04-25 18:10:13 152064 ----a-w- C:\Windows\system32\wextract.exe
2011-04-25 18:10:13 . 2011-04-25 18:10:13 150528 ----a-w- C:\Windows\system32\iexpress.exe
2011-04-25 18:10:12 . 2011-04-25 18:10:12 420864 ----a-w- C:\Windows\system32\vbscript.dll
2011-04-25 18:10:11 . 2011-04-25 18:10:11 142848 ----a-w- C:\Windows\system32\ieUnatt.exe
2011-04-25 18:10:11 . 2011-04-25 18:10:11 11776 ----a-w- C:\Windows\system32\mshta.exe
2011-04-25 18:10:11 . 2011-04-25 18:10:10 101888 ----a-w- C:\Windows\system32\admparse.dll
2011-04-25 18:10:10 . 2011-04-25 18:10:10 35840 ----a-w- C:\Windows\system32\imgutil.dll
2011-04-25 18:10:09 . 2011-04-25 18:10:09 110592 ----a-w- C:\Windows\system32\IEAdvpack.dll
2011-04-22 23:35:56 . 2011-06-15 18:14:55 1797632 ----a-w- C:\Windows\system32\jscript9.dll
2011-04-22 23:25:54 . 2011-06-15 18:14:57 2382848 ----a-w- C:\Windows\system32\mshtml.tlb
2011-04-21 13:58:27 . 2011-06-15 16:35:20 273408 ----a-w- C:\Windows\system32\drivers\afd.sys


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"="C:\Program Files\WhatPulse\WhatPulse.exe" [2010-08-09 17:45:42 2922496]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 21:33:40 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 13:01:32 4431872]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 09:01:46 1466368]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 11:37:58 174872]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe" [2010-11-30 12:20:36 997408]
"DeskUpdateNotifier"="C:\Program Files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 11:04:22 97560]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 12:49:28 249064]

[motji]

Spustte combofix ještě jednou, neproběhl korektně.

[Max_cz]

tak snad již proběhlo vše OK, ale po dokončení combofixu mi nejde pustit google chrome, total commander, IE, skype, poznámokový blok a další programy. Aani nešel zpětně otevřít log combofixu. Takže musím vše z druhého PC

Píše mi to "umístění programu"

Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění.

+ přikládám log


ComboFix 11-07-17.01 - Max_cz 17.07.2011 9:28.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1180 [GMT 2:00]
Spuštěný z: c:\users\Max_cz\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\IsUn0405.exe
c:\windows\IsUn0407.exe
c:\windows\system32\Config.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-17 do 2011-07-17 )))))))))))))))))))))))))))))))
.
.
2011-07-17 07:42 . 2011-07-17 07:42 -------- d-----w- c:\users\Max_cz\AppData\Local\temp
2011-07-17 07:42 . 2011-07-17 07:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-17 07:21 . 2011-07-17 07:23 -------- d-----w- C:\32788R22FWJFW
2011-07-16 20:48 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E8AAFADA-8A81-40EB-BFC8-6319A7306118}\mpengine.dll
2011-07-15 19:39 . 2011-07-15 19:39 -------- d-----w- c:\users\Max_cz\AppData\Roaming\Malwarebytes
2011-07-15 19:37 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-15 19:37 . 2011-07-15 19:37 -------- d-----w- c:\programdata\Malwarebytes
2011-07-15 19:37 . 2011-07-15 19:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-15 19:37 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-13 18:48 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 18:48 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 18:48 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-11 19:28 . 2011-07-11 19:28 62885 ----a-w- c:\users\Max_cz\ia_remove.sh3414.tmp
2011-07-11 19:14 . 2011-07-11 19:14 -------- d-----w- C:\usr
2011-07-11 18:48 . 2011-07-11 19:14 -------- d--h--w- c:\users\Max_cz\Zero G Registry
2011-07-11 16:31 . 2011-07-11 16:31 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-07-04 18:10 . 2011-07-04 18:12 -------- d-----w- c:\program files\The KMPlayer
2011-07-04 09:22 . 2011-07-04 09:22 -------- d-----w- c:\program files\QipGuard
2011-07-04 09:22 . 2011-07-04 09:22 -------- d-----w- c:\users\Max_cz\AppData\Roaming\QipGuard
2011-07-04 09:22 . 2011-06-24 13:16 141184 ----a-w- c:\users\Max_cz\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
2011-07-02 19:29 . 2000-08-20 22:00 1388544 ----a-w- c:\windows\system32\temp.001
2011-07-02 19:27 . 2011-07-02 19:40 -------- d-----w- C:\BOSCH_PR
2011-07-02 12:46 . 2010-07-07 11:26 428544 ----a-w- c:\windows\system32\rbsys.cpl
2011-07-02 12:46 . 2010-02-24 09:30 62480 ----a-w- c:\windows\system\rbserial.dll
2011-07-02 12:39 . 2003-03-19 02:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2011-07-02 12:39 . 2001-12-19 21:03 36864 ---ha-w- c:\windows\system32\psvince.dll
2011-07-02 12:39 . 2004-04-23 10:37 127488 ----a-w- c:\windows\system32\awn32b.dll
2011-07-02 12:39 . 2003-03-19 05:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2011-07-02 12:30 . 2003-02-14 14:31 655360 ----a-w- c:\windows\system32\dslang32.dll
2011-07-02 12:30 . 2001-07-03 18:05 671744 ----a-w- c:\windows\system32\DSScan.ocx
2011-07-02 12:30 . 2000-02-01 13:45 327680 ----a-w- c:\windows\system32\ldf251.dll
2011-07-02 12:30 . 1999-03-24 00:06 1046288 ----a-w- c:\windows\system32\msjet35.dll
2011-07-02 12:30 . 1998-12-04 08:13 415504 ----a-w- c:\windows\system32\msrepl35.dll
2011-07-02 12:30 . 1998-04-26 22:00 570128 ----a-w- c:\program files\Common Files\Microsoft Shared\DAO\DAO350.DLL
2011-07-02 12:30 . 1998-04-23 23:00 368912 ----a-w- c:\windows\system32\vbar332.dll
2011-07-02 12:30 . 1997-06-23 00:00 252176 ----a-w- c:\windows\system32\Msrd2x35.dll
2011-07-02 12:30 . 2001-02-02 13:48 123664 ----a-w- c:\windows\system32\MSJINT35.DLL
2011-07-02 12:30 . 2000-05-21 23:00 140488 ----a-w- c:\windows\system32\COMDLG32.OCX
2011-07-02 12:30 . 2000-02-10 19:50 36864 ----a-w- c:\windows\system32\MSJTER35.DLL
2011-07-02 12:30 . 2011-07-02 19:29 -------- d-----w- c:\program files\Common Files\Spielberg DMS
2011-07-02 12:30 . 2000-08-20 22:00 1388544 ----a-w- c:\windows\system32\temp.000
2011-07-02 12:29 . 2004-05-04 08:17 2060288 ----a-w- c:\windows\system32\acgm.dll
2011-07-02 12:29 . 2005-01-19 13:42 557056 ----a-w- c:\windows\system32\snbd10dm.dll
2011-07-02 12:29 . 2005-01-19 13:42 531968 ----a-w- c:\windows\system32\snbd9dm.dll
2011-07-02 12:29 . 2005-01-19 13:42 526336 ----a-w- c:\windows\system32\snbd8w98.dll
2011-07-02 12:29 . 2005-01-19 13:42 33280 ----a-w- c:\windows\system32\snbdpl1.dll
2011-07-02 12:29 . 2005-01-19 13:42 606208 ----a-w- c:\windows\system32\igsnrn22.dll
2011-07-02 12:29 . 2005-01-19 13:42 86528 ----a-w- c:\windows\system32\Igsncx22.dll
2011-07-02 12:29 . 2005-01-19 13:42 385536 ----a-w- c:\windows\system32\igsncm22.dll
2011-07-02 12:29 . 2005-01-19 13:42 38400 ----a-w- c:\windows\system32\igsnol22.dll
2011-07-02 12:29 . 2005-01-19 13:42 125952 ----a-w- c:\windows\system32\igsnpb22.dll
2011-07-02 12:28 . 2011-07-02 12:28 -------- d-----w- c:\windows\system32\Adobe
2011-07-02 07:25 . 2011-07-02 07:25 -------- d-----w- c:\users\Max_cz\AppData\Roaming\TeamViewer
2011-07-02 06:34 . 2011-07-02 06:34 -------- d-----w- c:\program files\Common Files\Autodata Limited Shared
2011-06-30 16:44 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-07 15:55 . 2010-09-25 01:10 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-02 17:16 . 2011-06-15 16:34 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 14:06 . 2011-04-29 14:08 668938 ----a-w- c:\windows\unins000.exe
2011-04-29 13:25 . 2011-06-15 16:35 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25 . 2011-06-15 16:35 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24 . 2011-06-15 16:34 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24 . 2011-06-15 16:34 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24 . 2011-06-15 16:34 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 18:10 . 2011-04-25 18:10 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-25 18:10 . 2011-04-25 18:10 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 18:10 . 2011-04-25 18:10 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-25 18:10 . 2011-04-25 18:10 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-25 18:10 . 2011-04-25 18:10 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-25 18:10 . 2011-04-25 18:10 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-25 18:10 . 2011-04-25 18:10 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-25 18:10 . 2011-04-25 18:10 367104 ----a-w- c:\windows\system32\html.iec
2011-04-25 18:10 . 2011-04-25 18:10 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-25 18:10 . 2011-04-25 18:10 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 18:10 . 2011-04-25 18:10 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 18:10 . 2011-04-25 18:10 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-25 18:10 . 2011-04-25 18:10 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-25 18:10 . 2011-04-25 18:10 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-25 18:10 . 2011-04-25 18:10 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-25 18:10 . 2011-04-25 18:10 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-25 18:10 . 2011-04-25 18:10 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-25 18:10 . 2011-04-25 18:10 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-25 18:10 . 2011-04-25 18:10 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-22 23:35 . 2011-06-15 18:14 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 23:25 . 2011-06-15 18:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-21 13:58 . 2011-06-15 16:35 273408 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2010-08-09 2922496]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 4431872]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 1466368]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"DeskUpdateNotifier"="c:\program files\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2010-10-13 97560]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EsiStartServer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\EsiStartServer.lnk
backup=c:\windows\pss\EsiStartServer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
backup=c:\windows\pss\WDDMStatus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-03-30 04:59 937920 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2007-06-26 15:58 61440 ----a-r- c:\program files\Adobe\Adobe Photoshop Lightroom 1.1\apdproxy.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-06-08 04:02 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-05-16 07:27 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlazeServoTool]
2010-03-06 15:46 286720 ----a-w- c:\program files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2007-02-06 16:39 622592 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2006-07-19 12:51 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-20 09:20 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
2011-06-24 13:17 6804864 ----a-w- c:\program files\QIP 2010\qip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-10 00:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2011-06-24 13:16 190336 ----a-w- c:\users\Max_cz\AppData\Roaming\QipGuard\QipGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-06-15 13:02 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-18 21:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3232157848-3325072676-3102783843-1000]
"EnableNotificationsRef"=dword:00000001
.
R1 MpKsl1152fe9d;MpKsl1152fe9d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E84D66D-2C0E-43C4-AC2B-E3329B6A8CB5}\MpKsl1152fe9d.sys [x]
R1 MpKsl26fa3950;MpKsl26fa3950;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{892308C0-CF3B-4AEE-BC58-871E6E355D5C}\MpKsl26fa3950.sys [x]
R1 MpKsl2a330c8e;MpKsl2a330c8e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{892308C0-CF3B-4AEE-BC58-871E6E355D5C}\MpKsl2a330c8e.sys [x]
R1 MpKsl30856802;MpKsl30856802;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B137742-A5FE-43E4-8645-D4F42AAC3CE2}\MpKsl30856802.sys [x]
R1 MpKsl35e67200;MpKsl35e67200;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FA63AE2E-7CE3-46A2-902D-385ABB9A99C0}\MpKsl35e67200.sys [x]
R1 MpKsl3a901d80;MpKsl3a901d80;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{862475EF-0332-4BA4-A685-496737F136A5}\MpKsl3a901d80.sys [x]
R1 MpKsl3c755284;MpKsl3c755284;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97B774E1-B3D3-48E7-8681-5B2E23C57AF0}\MpKsl3c755284.sys [x]
R1 MpKsl52f4271c;MpKsl52f4271c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{575CCC8F-B102-4009-8F4F-499B21F570C5}\MpKsl52f4271c.sys [x]
R1 MpKsl71b726d9;MpKsl71b726d9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{97B774E1-B3D3-48E7-8681-5B2E23C57AF0}\MpKsl71b726d9.sys [x]
R1 MpKsl7c4b893b;MpKsl7c4b893b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{862475EF-0332-4BA4-A685-496737F136A5}\MpKsl7c4b893b.sys [x]
R1 MpKsl81ce2434;MpKsl81ce2434;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE3D38C7-6858-4430-B946-8200D4CD84DE}\MpKsl81ce2434.sys [x]
R1 MpKsla16b7703;MpKsla16b7703;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8AA61F31-3F22-4FD7-B64A-48A4F2C0294B}\MpKsla16b7703.sys [x]
R1 MpKslb7c97bcf;MpKslb7c97bcf;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CF859043-4732-418F-A942-24E0B82DB57E}\MpKslb7c97bcf.sys [x]
R1 MpKslba370e4e;MpKslba370e4e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{892308C0-CF3B-4AEE-BC58-871E6E355D5C}\MpKslba370e4e.sys [x]
R1 MpKslda0c1349;MpKslda0c1349;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9B137742-A5FE-43E4-8645-D4F42AAC3CE2}\MpKslda0c1349.sys [x]
R1 MpKsldb9acc52;MpKsldb9acc52;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\MpKsldb9acc52.sys [x]
R1 MpKslf614e29e;MpKslf614e29e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6C3ACA25-20FE-4610-952E-C080EB571BE9}\MpKslf614e29e.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 EuDisk;EASEUS Disk Enumerator;c:\windows\system32\DRIVERS\EuDisk.sys [2009-12-02 123784]
R3 FIXUSTOR;FIXUSTOR;c:\windows\system32\DRIVERS\fixustor.sys [2009-04-23 15360]
R3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [2010-02-03 94336]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-05 218688]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-10-31 270888]
S1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
S2 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [2011-06-24 190336]
S2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
S2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-01-08 46592]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3232157848-3325072676-3102783843-1000Core.job
- c:\users\Max_cz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 20:00]
.
2011-07-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3232157848-3325072676-3102783843-1000UA.job
- c:\users\Max_cz\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 20:00]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Bosch Viewer - i:\progra~1\Bosch\ESITRO~1\MCVIEWER\UNWISE.EXE
AddRemove-Diagnostika elektronických systémů_is1 - i:\program files\Bosch\ESItronic\KTS500\uninst\unins000.exe
AddRemove-ESI[tronic] - i:\progra~1\Bosch\ESITRO~1\Setup.exe
AddRemove-Zkušební hodnoty ESI - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-17 09:42
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-07-17 09:48:00
ComboFix-quarantined-files.txt 2011-07-17 07:47
.
Před spuštěním: Volných bajtů: 55 081 877 504
Po spuštění: Volných bajtů: 55 053 594 624
.
- - End Of File - - B142E0F3F00F091C97F33C251B735C9E

[motji]

Restartujte počítač, mělo by se to opravit. A pak napište, jak to vypadá s počítačem.

[Max_cz]

Po restartu zatím vše běží tak jak má, wifi jde.

Můžeme ještě projet ten externí disk? Jestli tam není nějaký nepořádek? Mám tam zálohy PC + programy nějaké nainstalované

[motji]

Připojte ho k pc.

Zapojte do pc všechny usb klíče, flashky...co používáte

Použijte USB fix
http://www.viry.cz/forum/viewtopic.php?f=24&t=102308


Před stažením vypněte rezidentní štít antiviru, má na Usbfix falešnou detekci
-spusťte
-klikněte na volbu deletion , potvrdte enter
- po skenu sem vložte log , pokud na Vás nevyskočí, najdete ho C:\UsbFix.txt

[Max_cz]

############################## | UsbFix 7.014 | [Deletion]

User: Max_cz (Administrator) # MAX_CZ-PC [FUJITSU SIEMENS AMILO Pi 2530]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 11:36:03 | 17/07/2011
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz
Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 9.0.8112.16421

Windows Firewall: Disabled /!\
Firewall: Sunbelt Personal Firewall 4.6.1861 T [(!) Disabled]
RAM -> 2046 Mb
C:\ (%systemdrive%) -> Fixed drive # 171 Gb (50 Mb free - 30%) [] # NTFS
D:\ -> Fixed drive # 43 Gb (37 Mb free - 86%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> CD-ROM
I:\ -> Fixed drive # 1397 Gb (1076 Mb free - 77%) [My Book] # NTFS

################## | Files # Infected Folders |

Not deleted ! G:\Autorun.inf

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |


################## | Listing |

[17/07/2011 - 11:41:44 | SHD ] C:\$RECYCLE.BIN
[17/07/2011 - 09:23:57 | D ] C:\32788R22FWJFW
[10/07/2011 - 19:30:56 | A | 4608] C:\6XSourceFilter.grf
[18/09/2006 - 23:43:36 | A | 24] C:\autoexec.bat
[24/09/2010 - 01:24:02 | D ] C:\Boot
[10/04/2009 - 23:36:38 | RASH | 333257] C:\bootmgr
[23/09/2010 - 06:59:16 | RAS | 8192] C:\BOOTSECT.BAK
[02/07/2011 - 21:40:20 | D ] C:\BOSCH_PR
[04/10/2010 - 07:45:26 | D ] C:\Brother
[17/07/2011 - 09:48:12 | D ] C:\ComboFix
[17/07/2011 - 09:48:04 | A | 21337] C:\ComboFix.txt
[18/09/2006 - 23:43:37 | A | 10] C:\config.sys
[26/09/2010 - 01:04:59 | A | 1389652] C:\debug.log
[02/11/2006 - 15:02:03 | SHD ] C:\Documents and Settings
[17/07/2011 - 10:10:27 | ASH | 2145837056] C:\hiberfil.sys
[02/07/2011 - 08:50:01 | RASH | 0] C:\IO.SYS
[02/07/2011 - 08:50:01 | RASH | 0] C:\MSDOS.SYS
[27/09/2010 - 15:37:38 | RD ] C:\MSOCache
[17/07/2011 - 10:10:25 | ASH | 2459639808] C:\pagefile.sys
[15/07/2011 - 21:37:04 | RD ] C:\Program Files
[15/07/2011 - 21:37:08 | D ] C:\ProgramData
[17/07/2011 - 09:48:11 | D ] C:\Qoobox
[22/09/2010 - 23:01:03 | A | 420] C:\RHDSetup.log
[28/09/2010 - 21:57:43 | D ] C:\rsit
[17/07/2011 - 09:55:03 | SHD ] C:\System Volume Information
[17/07/2011 - 11:41:44 | D ] C:\UsbFix
[17/07/2011 - 11:36:04 | A | 2647] C:\UsbFix.txt
[22/09/2010 - 21:14:34 | RD ] C:\Users
[11/07/2011 - 21:14:40 | D ] C:\usr
[17/07/2011 - 09:48:08 | D ] C:\Windows
[17/07/2011 - 11:41:44 | D ] D:\$RECYCLE.BIN
[17/07/2011 - 09:55:03 | SHD ] D:\System Volume Information
[28/01/2010 - 22:00:27 | A | 88] G:\autorun.inf
[28/01/2010 - 22:01:24 | AD ] G:\Extras
[22/01/2010 - 18:33:08 | A | 3713312] G:\Unlock.exe
[28/01/2010 - 22:01:16 | AD ] G:\User Manuals
[22/01/2010 - 02:13:41 | A | 1630680] G:\Virtual CD Manager.exe
[28/01/2010 - 20:42:57 | AD ] G:\WD SmartWare
[22/01/2010 - 02:13:40 | A | 3330848] G:\WD SmartWare.exe
[28/01/2010 - 22:00:27 | A | 695] G:\What is this.html
[17/07/2011 - 11:41:44 | SHD ] I:\$RECYCLE.BIN
[12/07/2011 - 19:39:40 | D ] I:\ADCDA2
[02/07/2011 - 21:40:34 | D ] I:\BOSCH
[06/02/2011 - 14:16:55 | D ] I:\Data
[22/09/2010 - 19:28:13 | D ] I:\MAX PC
[12/07/2011 - 07:50:39 | D ] I:\Max_cz filmy
[15/04/2011 - 19:24:12 | D ] I:\MAX_CZ-PC
[02/07/2010 - 18:39:55 | RA | 528] I:\MediaID.bin
[11/07/2011 - 20:48:33 | D ] I:\Program Files
[02/05/2011 - 08:11:37 | SHD ] I:\Recycled
[17/07/2011 - 11:37:01 | SHD ] I:\RECYCLER
[06/02/2011 - 17:59:38 | SHD ] I:\System Volume Information
[21/09/2010 - 21:51:32 | D ] I:\wamp
[04/07/2010 - 12:51:34 | SD ] I:\WD SmartWare.swstor
[02/05/2011 - 08:12:15 | D ] I:\záloha

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
I:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_MAX_CZ-PC.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

[motji]

Řekla bych že je to v pořádku. Jak se tváří počítač?

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://tharifas.sweb.cz/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?