Prosím o kontrolu

Zpráva

)aguar · #1 Příspěvek od **)aguar** » 31 srp 2011 11:48

Dobrý den. Opět já. Už potřetí za týden, ale zase jiný PC.

Log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Fana a Rada at 2011-08-31 12:44:05
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (50%) free of 14 GB
Total RAM: 1023 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:45:40, on 31.8.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
D:\Programy\National Instruments\MAX\nimxs.exe
C:\WINDOWS\system32\nipalsm.exe
D:\Programy\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
D:\Programy\National Instruments\Shared\Tagger\tagsrv.exe
d:\Programy\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Programy\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Programy\Spyware Terminator\SpywareTerminatorShield.exe
D:\Programy\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
D:\Programy\Bluetooth\BlueSoleil.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Programy\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
D:\Programy\Mozilla Firefox\plugin-container.exe
C:\Program Files\totalcommander\TOTALCMD.EXE
C:\Documents and Settings\Fana a Rada\Plocha\Stazeno\RSIT.exe
C:\Program Files\trend micro\Fana a Rada.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Programy\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "d:\Programy\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "d:\Programy\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = D:\Programy\Bluetooth\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\programy\national instruments\shared\mdns responder\nimdnsnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{72B6E2DB-8224-455E-A838-9588103ABCC9}: NameServer = 192.168.1.1
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Programy\Bluetooth\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Programy\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - D:\Programy\National Instruments\MAX\nimxs.exe
O23 - Service: NI-488.2 Enumeration Service (ni488enumsvc) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Device Loader (nidevldu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Programy\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - D:\Programy\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: National Instruments LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
O23 - Service: National Instruments mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI PXI Resource Manager (nipxirmu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - D:\Programy\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - d:\Programy\Spyware Terminator\sp_rsser.exe

--
End of file - 8547 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, saloonbar@ligny.org.uk:3.0, {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.4, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\Toolbar\firefox\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@macromedia.com/FlashPlayer10]
"Description"=Adobe Flash Player 10.0
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programy\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

d:\Programy\Mozilla Firefox\extensions\
BSToolbar@toolbarnet.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

d:\Programy\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

d:\Programy\Mozilla Firefox\plugins\
npdeployJava1.dll
NPLV80Win32.dll
NPLV82Win32.dll
nplv85win32.dll
nplv86win32.dll
nplv90win32.dll
npnul32.dll
nppdf32.dll

d:\Programy\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default\extensions\
saloonbar@ligny.org.uk
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{dd68c513-9296-4b63-8d8b-8f1c991c8a48}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Documents and Settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default\searchplugins\
bsplayer-search.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-07-14 1237240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-30 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-07-14 1237240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-21 61440]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-07-04 3493720]
"COMODO Internet Security"=D:\Programy\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"Adobe Reader Speed Launcher"=D:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"SpywareTerminator"=d:\Programy\Spyware Terminator\SpywareTerminatorShield.exe [2011-08-31 2216960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=d:\Programy\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-08-31 3318784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataFinder]
D:\Programy\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe [2009-06-01 3103264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\niDevMon]
D:\Programy\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2008-12-30 109136]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - D:\Programy\Bluetooth\BlueSoleil.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\uTorrent\utorrent.exe"="D:\Programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Fana a Rada\Plocha\utorrent.exe"="C:\Documents and Settings\Fana a Rada\Plocha\utorrent.exe:*:Enabled:µTorrent"
"D:\Hry\Steam\Steam.exe"="D:\Hry\Steam\Steam.exe:*:Enabled:Steam"
"D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"="D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe:*:Enabled:nimdnsResponder"
"D:\Programy\Bluetooth\BlueSoleil.exe"="D:\Programy\Bluetooth\BlueSoleil.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-08-31 12:44:03 ----D---- C:\rsit
2011-08-31 10:14:12 ----D---- C:\WINDOWS\system32\appmgmt
2011-08-31 10:04:46 ----D---- C:\Program Files\trend micro
2011-08-31 09:33:16 ----D---- C:\Program Files\Crawler
2011-08-31 09:33:13 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-08-31 09:33:10 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\Spyware Terminator
2011-08-31 09:33:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-21 20:20:20 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-08-21 20:19:22 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-08-01 11:23:58 ----AD---- C:\WINDOWS\VDLL.DLL
2011-08-01 11:23:58 ----AD---- C:\WINDOWS\system32\runouce.exe
2011-08-01 11:23:58 ----AD---- C:\WINDOWS\rundll16.exe
2011-08-01 11:23:58 ----AD---- C:\WINDOWS\RUNDL132.EXE
2011-08-01 11:23:58 ----AD---- C:\WINDOWS\logo1_.exe
2011-08-01 11:23:58 ----AD---- C:\WINDOWS\logo_1.exe
2011-08-01 11:19:48 ----A---- C:\WINDOWS\system32\msvcr80.dll
2011-08-01 11:19:47 ----A---- C:\WINDOWS\system32\msvcp80.dll
2011-08-01 11:19:45 ----A---- C:\WINDOWS\system32\eEmpty.exe
2011-08-01 11:19:43 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2011-08-01 11:19:43 ----A---- C:\WINDOWS\system32\T.COM
2011-08-01 11:19:43 ----A---- C:\WINDOWS\REGEDIT.COM
2011-08-01 11:19:43 ----A---- C:\WINDOWS\R.COM
2011-08-01 11:19:38 ----D---- C:\Program Files\Common Files\MicroWorld
2011-08-01 11:19:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld

======List of files/folders modified in the last 1 month======

2011-08-31 12:42:21 ----D---- C:\WINDOWS\Temp
2011-08-31 12:32:49 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-31 12:28:14 ----D---- C:\WINDOWS
2011-08-31 12:26:51 ----D---- C:\WINDOWS\system32\drivers
2011-08-31 12:26:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-31 10:31:02 ----SHD---- C:\WINDOWS\Installer
2011-08-31 10:31:02 ----SD---- C:\Documents and Settings\Fana a Rada\Data aplikací\Microsoft
2011-08-31 10:15:02 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\Winamp
2011-08-31 10:14:12 ----D---- C:\WINDOWS\system32
2011-08-31 10:04:46 ----RD---- C:\Program Files
2011-08-30 22:49:30 ----D---- C:\WINDOWS\Prefetch
2011-08-30 22:43:07 ----SHD---- C:\WINDOWS\CSC
2011-08-26 23:41:07 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\uTorrent
2011-08-26 19:47:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-08-21 20:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-08-21 20:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
2011-08-21 20:19:19 ----HD---- C:\WINDOWS\inf
2011-08-19 21:33:33 ----A---- C:\error.txt
2011-08-19 19:04:47 ----D---- C:\WINDOWS\system32\drivers\etc
2011-08-15 20:25:24 ----D---- C:\WINDOWS\pss
2011-08-15 20:20:43 ----SD---- C:\WINDOWS\Tasks
2011-08-06 21:26:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-08-01 11:19:38 ----D---- C:\Program Files\Common Files
2011-08-01 11:04:34 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-05-01 28271]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 NIPALK;NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [2009-05-26 592472]
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\WINDOWS\System32\drivers\nipbcfk.sys [2008-08-21 15448]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-03 223616]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2009-05-29 4096]
R2 niarbk;niarbk; C:\WINDOWS\system32\drivers\niarbk.dll [2007-04-16 37376]
R2 nibffrk;nibffrk; C:\WINDOWS\system32\drivers\nibffrk.dll [2007-04-16 21504]
R2 nicanpk;nicanpk; C:\WINDOWS\system32\DRIVERS\nicanpkl.sys [2009-03-27 11336]
R2 Nidaq32k;Nidaq32k; C:\WINDOWS\system32\drivers\Nidaq32k.sys [2007-04-16 674304]
R2 nidmmk;NI DMM and Data Logger Kernel Driver; C:\WINDOWS\system32\drivers\nidmmk.dll [2007-04-16 50688]
R2 nimdsk;nimdsk; C:\WINDOWS\system32\drivers\nimdsk.dll [2007-04-16 30208]
R2 nipxirmk;nipxirmk; \??\C:\WINDOWS\system32\drivers\nipxirmkl.sys []
R2 nistck;nistck; C:\WINDOWS\system32\drivers\nistck.dll [2007-04-16 111616]
R2 NiViPxiK;NI-VISA PXI Driver; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [2009-06-21 11360]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-21 3565056]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2006-06-23 31488]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-30 11988]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-09-20 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-20 12160]
R3 nidimk;nidimk; \??\C:\WINDOWS\system32\drivers\nidimkl.sys []
R3 nidsark;nidsark; \??\C:\WINDOWS\system32\drivers\nidsarkl.sys []
R3 nimdbgk;nimdbgk; \??\C:\WINDOWS\system32\drivers\nimdbgkl.sys []
R3 nimru2k;nimru2k; \??\C:\WINDOWS\system32\drivers\nimru2kl.sys []
R3 nimstsk;nimstsk; \??\C:\WINDOWS\system32\drivers\nimstskl.sys []
R3 nimxdfk;nimxdfk; \??\C:\WINDOWS\system32\drivers\nimxdfkl.sys []
R3 niorbk;niorbk; \??\C:\WINDOWS\system32\drivers\niorbkl.sys []
R3 nispdk;nispdk; \??\C:\WINDOWS\system32\drivers\nispdkl.sys []
R3 nixsrk;nixsrk; \??\C:\WINDOWS\system32\drivers\nixsrkl.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-09-20 5888]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2006-07-16 23040]
S3 BTNetFilter;Bluetooth Network Filter; \??\D:\Programy\Bluetooth\Device\Win2k\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 lvalarmk;lvalarmk; \??\C:\WINDOWS\system32\drivers\lvalarmk.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1006k.sys []
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1045kl.sys []
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1065k.sys []
S3 ni488lock;NI-488.2 Locking Service; \??\C:\WINDOWS\system32\drivers\ni488lock.sys []
S3 nicdrk;nicdrk; \??\C:\WINDOWS\system32\drivers\nicdrkl.sys []
S3 nicsrk;nicsrk; \??\C:\WINDOWS\system32\drivers\nicsrkl.sys []
S3 nidmxfk;nidmxfk; \??\C:\WINDOWS\system32\drivers\nidmxfkl.sys []
S3 nidwgk;nidwgk; \??\C:\WINDOWS\system32\drivers\nidwgkl.sys []
S3 niemrk;niemrk; \??\C:\WINDOWS\system32\drivers\niemrkl.sys []
S3 niesrk;niesrk; \??\C:\WINDOWS\system32\drivers\niesrkl.sys []
S3 nifslk;nifslk; \??\C:\WINDOWS\system32\drivers\nifslkl.sys []
S3 nigplk;nigplk; \??\C:\WINDOWS\system32\drivers\nigplkl.sys []
S3 nihsdrk;nihsdrk; \??\C:\WINDOWS\system32\drivers\nihsdrkl.sys []
S3 nimsdrk;nimsdrk; \??\C:\WINDOWS\system32\drivers\nimsdrkl.sys []
S3 nimslk;nimslk; \??\C:\WINDOWS\system32\drivers\nimslk.dll []
S3 nimsrlk;nimsrlk; \??\C:\WINDOWS\system32\drivers\nimsrlk.dll []
S3 nimxpk;nimxpk; \??\C:\WINDOWS\system32\drivers\nimxpkl.sys []
S3 ninshsdk;ninshsdk; \??\C:\WINDOWS\system32\drivers\ninshsdkl.sys []
S3 nipalfwedl;nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [2009-05-26 11904]
S3 nipalusbedl;nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [2009-05-26 11896]
S3 nipsdk;nipsdk; \??\C:\WINDOWS\system32\drivers\nipsdkl.sys []
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\WINDOWS\system32\drivers\nipxigpk.sys []
S3 nirfsa2k;nirfsa2k; \??\C:\WINDOWS\system32\drivers\nirfsa2kl.sys []
S3 niRFSGk;niRFSGk; \??\C:\WINDOWS\system32\drivers\niRFSGkl.sys []
S3 niscdk;niscdk; \??\C:\WINDOWS\system32\drivers\niscdkl.sys []
S3 nisdigk;nisdigk; \??\C:\WINDOWS\system32\drivers\nisdigkl.sys []
S3 nisftk;nisftk; \??\C:\WINDOWS\system32\drivers\nisftkl.sys []
S3 nisldk;nisldk; \??\C:\WINDOWS\system32\drivers\nisldkl.sys []
S3 nisrcdk;nisrcdk; \??\C:\WINDOWS\system32\drivers\nisrcdkl.sys []
S3 nissrk;nissrk; \??\C:\WINDOWS\system32\drivers\nissrkl.sys []
S3 nistc2k;nistc2k; \??\C:\WINDOWS\system32\drivers\nistc2kl.sys []
S3 nistcrk;nistcrk; \??\C:\WINDOWS\system32\drivers\nistcrkl.sys []
S3 niswdk;niswdk; \??\C:\WINDOWS\system32\drivers\niswdkl.sys []
S3 nitiork;nitiork; \??\C:\WINDOWS\system32\drivers\nitiorkl.sys []
S3 nitnr2k;nitnr2k; \??\C:\WINDOWS\system32\drivers\nitnr2kl.sys []
S3 niufurk;niufurk; \??\C:\WINDOWS\system32\drivers\niufurkl.sys []
S3 NiViFWK;NI-VISA FireWire Driver; C:\WINDOWS\System32\drivers\NiViFWKl.sys [2009-03-05 11384]
S3 NiViPciK;NI-VISA PCI Driver; C:\WINDOWS\System32\drivers\NiViPciKl.sys [2009-06-21 11360]
S3 niwfrk;niwfrk; \??\C:\WINDOWS\system32\drivers\niwfrkl.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usb6xxxk;usb6xxxk; \??\C:\WINDOWS\system32\drivers\usb6xxxkl.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-21 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-07-04 42184]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Programy\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2009-06-18 42544]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2009-06-18 53296]
R2 mxssvr;NI Configuration Manager; D:\Programy\National Instruments\MAX\nimxs.exe [2009-06-15 12696]
R2 ni488enumsvc;NI-488.2 Enumeration Service; C:\WINDOWS\system32\nipalsm.exe [2008-08-22 12696]
R2 nidevldu;NI Device Loader; C:\WINDOWS\system32\nipalsm.exe [2008-08-22 12696]
R2 NIDomainService;National Instruments Domain Service; D:\Programy\National Instruments\Shared\Security\nidmsrv.exe [2009-06-18 356912]
R2 niLXIDiscovery;National Instruments LXI Discovery Service; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2009-03-05 131704]
R2 nimDNSResponder;National Instruments mDNS Responder Service; D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2009-06-04 193648]
R2 nipxirmu;NI PXI Resource Manager; C:\WINDOWS\system32\nipalsm.exe [2008-08-22 12696]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2009-06-04 13896]
R2 NITaggerService;National Instruments Variable Engine; D:\Programy\National Instruments\Shared\Tagger\tagsrv.exe [2009-06-23 740968]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; d:\Programy\Spyware Terminator\sp_rsser.exe [2011-08-31 496128]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-21 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 BlueSoleil Hid Service;BlueSoleil Hid Service; D:\Programy\Bluetooth\BTNtService.exe [2005-04-06 110592]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2008-10-31 695136]
S3 NILM License Manager;NILM License Manager; D:\Programy\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2009-06-26 1007616]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OpcEnum.exe [2009-06-03 98304]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 31 srp 2011 13:03

Zdravim a pekny den preji

A neni tech PC uz nejak moc

To jsou vsechno vase PC

Nebo si tu z nas delate bezplatny servis

)aguar · #3 Příspěvek od **)aguar** » 31 srp 2011 19:03

Guten Tag
Není nad dobrou radu nad zlato. Ne nedělám, to je už pro Vás tak moc? Nebo snad myslíte že na tom vydělávám???
Ne opravdu ne. Nejsem tak blbej abych psal sám od sebe že jsem tu potřetí nebo po xxx ÁTÉ. To už bych si dal jinej nick.
Mám 2 (slovy DVĚ) PC a třetí je známé. Potom Vás už nebudu otravovat zase chvíli. Dostalo se mi do rukou, a tak jsem si řekl že bych si nechal poradit i u těch svých.
auf wiedersehen

p.s. samozřejmě nemusíte. Nejsem tak blbej nějak si už poradím

#4 Příspěvek od **vyosek** » 31 srp 2011 20:03

Dekuji za vysvetleni, haveti je tam pomerne dost

pri stahovani ComboFixu jej ulozte jako Beruska.com

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

)aguar · #5 Příspěvek od **)aguar** » 01 zář 2011 09:10

Díky že mi poradíte. Je to naposledy (doufám, že se mi do rukou nedostane další PC od někoho jiného

)
Ujišťuji Vás že z toho neprofituji!

LOG:

ComboFix 11-08-31.05 - Fana a Rada 01.09.2011 9:51.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.399 [GMT 2:00]
Spuštěný z: c:\documents and settings\Fana a Rada\Plocha\Beruska.com
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Fana a Rada\WINDOWS
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-01 do 2011-09-01 )))))))))))))))))))))))))))))))
.
.
2011-08-31 10:44 . 2011-08-31 10:46 -------- d-----w- C:\rsit
2011-08-31 08:31 . 2011-08-31 08:31 388096 ----a-r- c:\documents and settings\Fana a Rada\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-31 08:04 . 2011-08-31 10:44 -------- d-----w- c:\program files\trend micro
2011-08-31 07:33 . 2011-08-31 07:33 -------- d-----w- c:\program files\Crawler
2011-08-31 07:33 . 2011-08-31 07:33 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-31 07:33 . 2011-08-31 07:53 -------- d-----w- c:\documents and settings\Fana a Rada\Data aplikací\Spyware Terminator
2011-08-31 07:33 . 2011-08-31 10:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-08-21 18:20 . 2001-09-17 08:28 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-08-21 18:19 . 2004-08-17 13:49 159232 ----a-w- c:\windows\system32\ptpusd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 21:14 . 2011-06-08 20:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-01 09:19 . 2011-08-01 09:19 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-01 09:19 . 2011-08-01 09:19 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-01 09:19 . 2011-08-01 09:19 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-07-04 11:43 . 2010-08-15 11:21 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2009-10-25 16:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-07-28 07:44 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2009-10-25 16:43 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2009-10-25 16:43 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2009-10-25 16:43 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2009-10-25 16:43 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2009-10-25 16:43 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2009-10-25 16:43 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2009-10-25 16:43 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-30 08:38 . 2010-06-01 17:00 97504 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 08:38 . 2010-06-01 17:00 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:38 . 2010-06-04 09:55 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:38 . 2010-06-01 17:00 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37 . 2010-06-01 17:00 285256 ----a-w- c:\windows\system32\guard32.dll
2004-03-15 16:51 . 2004-03-15 16:51 114688 ----a-w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 08:36 . 2003-05-01 08:36 114688 ----a-w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 17:03 . 2007-07-24 17:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll
2008-12-10 13:50 . 2008-12-10 13:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-06-23 18:41 . 2009-06-23 18:41 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-11-09 . C81D6A930A7805F6DAA0C7902B99037E . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\tcpip.sys
.
[-] 2001-09-20 12:00 . 15AFB5576C32CC292E5DD469D96B4909 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="d:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-08-31 3318784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-07-27 68096]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"COMODO Internet Security"="d:\programy\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"Adobe Reader Speed Launcher"="d:\programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"SpywareTerminator"="d:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2011-08-31 2216960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - d:\programy\Bluetooth\BlueSoleil.exe [2006-7-16 626176]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-09-20 14:35 202024 ----a-w- c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataFinder]
2009-06-01 14:13 3103264 ----a-w- d:\programy\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\niDevMon]
2008-12-30 10:19 109136 ----a-w- d:\programy\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programy\\uTorrent\\utorrent.exe"=
"d:\\Hry\\Steam\\Steam.exe"=
"d:\\Programy\\National Instruments\\Shared\\mDNS Responder\\nimdnsResponder.exe"=
"d:\\Programy\\Bluetooth\\BlueSoleil.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [26.10.2009 9:30 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [26.10.2009 9:30 5248]
R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [21.8.2008 22:04 15448]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28.7.2011 9:44 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2009 18:43 309848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [4.6.2010 11:55 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [1.6.2010 19:00 29400]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [31.8.2011 9:33 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2009 18:43 19544]
R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [16.4.2007 16:40 37376]
R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [16.4.2007 16:40 21504]
R2 nicanpk;nicanpk;c:\windows\system32\drivers\nicanpkl.sys [27.3.2009 15:28 11336]
R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [16.4.2007 18:04 674304]
R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [16.4.2007 18:06 50688]
R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [16.4.2007 16:41 30208]
R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [4.6.2009 18:02 11344]
R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [16.4.2007 16:42 111616]
R2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [21.6.2009 14:58 11360]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [13.6.2008 15:51 11360]
R3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [17.6.2009 16:26 11344]
R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [24.11.2008 2:42 11360]
R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [29.12.2008 19:17 11360]
R3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [5.1.2009 10:28 11376]
R3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [28.5.2009 23:15 11336]
S3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [5.12.2008 17:21 20104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [4.11.2009 22:35 39984]
S3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [1.4.2009 16:16 26192]
S3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [17.6.2009 12:35 11344]
S3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [1.4.2009 16:31 22608]
S3 ni488lock;NI-488.2 Locking Service;c:\windows\system32\drivers\ni488lock.sys [29.1.2009 1:26 16968]
S3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [2.1.2009 18:02 11352]
S3 nicsrk;nicsrk;c:\windows\system32\drivers\nicsrkl.sys [28.5.2009 23:17 11336]
S3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [17.6.2009 2:13 11336]
S3 nidwgk;nidwgk;c:\windows\system32\drivers\nidwgkl.sys [27.5.2009 16:58 11360]
S3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [28.5.2009 23:17 11336]
S3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [28.5.2009 23:10 11336]
S3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [6.1.2009 17:51 11352]
S3 nigplk;nigplk;c:\windows\system32\drivers\nigplkl.sys [17.6.2009 15:18 11640]
S3 nihsdrk;nihsdrk;c:\windows\system32\drivers\nihsdrkl.sys [8.4.2009 19:01 11352]
S3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [29.12.2008 19:24 11392]
S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [6.6.2009 2:30 14464]
S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [6.6.2009 2:31 151683]
S3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [17.6.2009 1:05 11368]
S3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [30.3.2009 14:58 11360]
S3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [26.5.2009 21:33 11904]
S3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [26.5.2009 21:35 11896]
S3 nipsdk;nipsdk;c:\windows\system32\drivers\nipsdkl.sys [11.6.2009 16:49 11392]
S3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [25.6.2008 13:02 20568]
S3 nirfsa2k;nirfsa2k;c:\windows\system32\drivers\niRFSA2kl.sys [1.6.2009 13:31 11328]
S3 niRFSGk;niRFSGk;c:\windows\system32\drivers\niRFSGkl.sys [28.4.2009 0:35 11328]
S3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [5.1.2009 10:28 11376]
S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [5.2.2009 23:32 11352]
S3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [30.3.2009 14:58 11344]
S3 nisldk;nisldk;c:\windows\system32\drivers\nisldkl.sys [18.6.2009 3:50 11344]
S3 nisrcdk;nisrcdk;c:\windows\system32\drivers\nisrcdkl.sys [26.6.2009 14:01 11352]
S3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [28.5.2009 23:17 11336]
S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [2.1.2009 18:37 11312]
S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [2.1.2009 18:40 11360]
S3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [28.7.2008 16:08 11336]
S3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [2.1.2009 18:54 11360]
S3 nitnr2k;nitnr2k;c:\windows\system32\drivers\nitnr2kl.sys [10.4.2009 9:20 11328]
S3 niufurk;niufurk;c:\windows\system32\drivers\niufurkl.sys [28.5.2009 23:16 11368]
S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWKl.sys [5.3.2009 17:16 11384]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [21.6.2009 14:58 11360]
S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [28.5.2009 23:15 11336]
S3 usb6xxxk;usb6xxxk;\??\c:\windows\system32\drivers\usb6xxxkl.sys --> c:\windows\system32\drivers\usb6xxxkl.sys [?]
.
.
------- Doplňkový sken -------
.
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: Interfaces\{72B6E2DB-8224-455E-A838-9588103ABCC9}: NameServer = 192.168.1.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\programy\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: The Saloon Bar: saloonbar@ligny.org.uk - %profile%\extensions\saloonbar@ligny.org.uk
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\Crawler\Toolbar\firefox
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-01 10:01
Windows 5.1.2600 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1060)
c:\windows\system32\guard32.dll
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1116)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
Celkový čas: 2011-09-01 10:05:23
ComboFix-quarantined-files.txt 2011-09-01 08:05
.
Před spuštěním: 7 522 627 584
Po spuštění: 7 498 153 984
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 6476B79DBC69737B9C31D0C96C4E693A

#6 Příspěvek od **vyosek** » 01 zář 2011 19:17

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

c:\windows\system32\drivers\nimslk.dll
c:\windows\system32\drivers\nimxpkl.sys
c:\windows\system32\drivers\nicdrkl.sys
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Send File
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

)aguar · #7 Příspěvek od **)aguar** » 02 zář 2011 16:31

vše ok?

http://www.virustotal.com/file-scan/rep ... 1314955317

http://www.virustotal.com/file-scan/rep ... 1314955445

http://www.virustotal.com/file-scan/rep ... 1314955586

#8 Příspěvek od **vyosek** » 02 zář 2011 21:21

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

FCopy::
c:\windows\system32\dllcache\tcpip.sys | c:\windows\system32\drivers\tcpip.sys

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

)aguar · #9 Příspěvek od **)aguar** » 04 zář 2011 20:14

Snažím se, ale je tam asi nějaká breberka. Protože PC už delší dobu občas nechce spolupracovat. Všechno trvá tak nějak strašně dlouho-jestli vůbec. Možná je to něco z toho co je v posledním scriptu na "zabití" Takže combofix se spustí, ale po restartu už nedokáže udělat log. Nebo se nechce ani spustit. Takže se musí restart. Budu zatím zkoušet. Pokud nemáte lepší nápad

EDIT: no takže po chvilce co jsem to dopsal na jednom PC se tu objevil log. hurá

ComboFix 11-09-04.01 - Fana a Rada 04.09.2011 20:54:00.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.540 [GMT 2:00]
Spuštěný z: c:\documents and settings\Fana a Rada\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Fana a Rada\Plocha\cfscript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\RUNDL132.EXE
.
.
--------------- FCopy ---------------
.
c:\windows\system32\dllcache\tcpip.sys --> c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-04 do 2011-09-04 )))))))))))))))))))))))))))))))
.
.
2011-08-31 10:44 . 2011-08-31 10:46 -------- d-----w- C:\rsit
2011-08-31 08:31 . 2011-08-31 08:31 388096 ----a-r- c:\documents and settings\Fana a Rada\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-31 08:04 . 2011-08-31 10:44 -------- d-----w- c:\program files\trend micro
2011-08-31 07:33 . 2011-08-31 07:33 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2011-08-31 07:33 . 2011-09-01 09:33 -------- d-----w- c:\documents and settings\Fana a Rada\Data aplikací\Spyware Terminator
2011-08-31 07:33 . 2011-09-04 17:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-08-21 18:20 . 2001-09-17 08:28 5632 ----a-w- c:\windows\system32\ptpusb.dll
2011-08-21 18:19 . 2004-08-17 13:49 159232 ----a-w- c:\windows\system32\ptpusd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 21:14 . 2011-06-08 20:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-01 09:19 . 2011-08-01 09:19 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-08-01 09:19 . 2011-08-01 09:19 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-08-01 09:19 . 2011-08-01 09:19 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-07-04 11:43 . 2010-08-15 11:21 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2009-10-25 16:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-07-28 07:44 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2009-10-25 16:43 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2009-10-25 16:43 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2009-10-25 16:43 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2009-10-25 16:43 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2009-10-25 16:43 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2009-10-25 16:43 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2009-10-25 16:43 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-30 08:38 . 2010-06-01 17:00 97504 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-30 08:38 . 2010-06-01 17:00 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-30 08:38 . 2010-06-04 09:55 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-06-30 08:38 . 2010-06-01 17:00 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-30 08:37 . 2010-06-01 17:00 285256 ----a-w- c:\windows\system32\guard32.dll
2004-03-15 16:51 . 2004-03-15 16:51 114688 ----a-w- c:\program files\internet explorer\plugins\LV71ActiveXControl.dll
2003-05-01 08:36 . 2003-05-01 08:36 114688 ----a-w- c:\program files\internet explorer\plugins\LV7ActiveXControl.dll
2006-01-23 09:32 . 2006-01-23 09:32 131072 ----a-w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2007-02-08 09:48 . 2007-02-08 09:48 133920 ----a-w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2007-07-24 17:03 . 2007-07-24 17:03 118784 ----a-w- c:\program files\internet explorer\plugins\LV85ActiveXControl.dll
2008-12-10 13:50 . 2008-12-10 13:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-06-23 18:41 . 2009-06-23 18:41 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2001-09-20 12:00 . 15AFB5576C32CC292E5DD469D96B4909 . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-09-01_08.01.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-09-04 19:04 . 2011-09-04 19:04 16384 c:\windows\temp\Perflib_Perfdata_13c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-07-27 68096]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-21 61440]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 1848648]
"COMODO Internet Security"="d:\programy\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]
"SpywareTerminator"="d:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2011-08-31 2216960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BlueSoleil.lnk - d:\programy\Bluetooth\BlueSoleil.exe [2006-7-16 626176]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataFinder]
2009-06-01 14:13 3103264 ----a-w- d:\programy\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\niDevMon]
2008-12-30 10:19 109136 ----a-w- d:\programy\National Instruments\NI-DAQ\HWConfig\nidevmon.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Programy\\uTorrent\\utorrent.exe"=
"d:\\Hry\\Steam\\Steam.exe"=
"d:\\Programy\\National Instruments\\Shared\\mDNS Responder\\nimdnsResponder.exe"=
"d:\\Programy\\Bluetooth\\BlueSoleil.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [26.10.2009 9:30 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [26.10.2009 9:30 5248]
R0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\system32\drivers\nipbcfk.sys [21.8.2008 22:04 15448]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28.7.2011 9:44 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.10.2009 18:43 309848]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [4.6.2010 11:55 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [1.6.2010 19:00 29400]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [31.8.2011 9:33 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.10.2009 18:43 19544]
R2 ni488enumsvc;NI-488.2 Enumeration Service;c:\windows\system32\nipalsm.exe [22.8.2008 0:51 12696]
R2 niarbk;niarbk;c:\windows\system32\drivers\niarbk.dll [16.4.2007 16:40 37376]
R2 nibffrk;nibffrk;c:\windows\system32\drivers\nibffrk.dll [16.4.2007 16:40 21504]
R2 nicanpk;nicanpk;c:\windows\system32\drivers\nicanpkl.sys [27.3.2009 15:28 11336]
R2 Nidaq32k;Nidaq32k;c:\windows\system32\drivers\nidaq32k.sys [16.4.2007 18:04 674304]
R2 nidevldu;NI Device Loader;c:\windows\system32\nipalsm.exe [22.8.2008 0:51 12696]
R2 nidmmk;NI DMM and Data Logger Kernel Driver;c:\windows\system32\drivers\nidmmk.dll [16.4.2007 18:06 50688]
R2 niLXIDiscovery;National Instruments LXI Discovery Service;c:\program files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [5.3.2009 17:17 131704]
R2 nimDNSResponder;National Instruments mDNS Responder Service;d:\programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [4.6.2009 10:31 193648]
R2 nimdsk;nimdsk;c:\windows\system32\drivers\nimdsk.dll [16.4.2007 16:41 30208]
R2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [4.6.2009 18:02 11344]
R2 nistck;nistck;c:\windows\system32\drivers\niSTCk.dll [16.4.2007 16:42 111616]
R2 NiViPxiK;NI-VISA PXI Driver;c:\windows\system32\drivers\NiViPxiKl.sys [21.6.2009 14:58 11360]
R3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [13.6.2008 15:51 11360]
R3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [17.6.2009 16:26 11344]
R3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [24.11.2008 2:42 11360]
R3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [29.12.2008 19:17 11360]
R3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [5.1.2009 10:28 11376]
R3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [28.5.2009 23:15 11336]
S3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [5.12.2008 17:21 20104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [4.11.2009 22:35 39984]
S3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [1.4.2009 16:16 26192]
S3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [17.6.2009 12:35 11344]
S3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [1.4.2009 16:31 22608]
S3 ni488lock;NI-488.2 Locking Service;c:\windows\system32\drivers\ni488lock.sys [29.1.2009 1:26 16968]
S3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [2.1.2009 18:02 11352]
S3 nicsrk;nicsrk;c:\windows\system32\drivers\nicsrkl.sys [28.5.2009 23:17 11336]
S3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [17.6.2009 2:13 11336]
S3 nidwgk;nidwgk;c:\windows\system32\drivers\nidwgkl.sys [27.5.2009 16:58 11360]
S3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [28.5.2009 23:17 11336]
S3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [28.5.2009 23:10 11336]
S3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [6.1.2009 17:51 11352]
S3 nigplk;nigplk;c:\windows\system32\drivers\nigplkl.sys [17.6.2009 15:18 11640]
S3 nihsdrk;nihsdrk;c:\windows\system32\drivers\nihsdrkl.sys [8.4.2009 19:01 11352]
S3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [29.12.2008 19:24 11392]
S3 nimslk;nimslk;c:\windows\system32\drivers\nimslk.dll [6.6.2009 2:30 14464]
S3 nimsrlk;nimsrlk;c:\windows\system32\drivers\nimsrlk.dll [6.6.2009 2:31 151683]
S3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [17.6.2009 1:05 11368]
S3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [30.3.2009 14:58 11360]
S3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [26.5.2009 21:33 11904]
S3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [26.5.2009 21:35 11896]
S3 nipsdk;nipsdk;c:\windows\system32\drivers\nipsdkl.sys [11.6.2009 16:49 11392]
S3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [25.6.2008 13:02 20568]
S3 nirfsa2k;nirfsa2k;c:\windows\system32\drivers\niRFSA2kl.sys [1.6.2009 13:31 11328]
S3 niRFSGk;niRFSGk;c:\windows\system32\drivers\niRFSGkl.sys [28.4.2009 0:35 11328]
S3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [5.1.2009 10:28 11376]
S3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [5.2.2009 23:32 11352]
S3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [30.3.2009 14:58 11344]
S3 nisldk;nisldk;c:\windows\system32\drivers\nisldkl.sys [18.6.2009 3:50 11344]
S3 nisrcdk;nisrcdk;c:\windows\system32\drivers\nisrcdkl.sys [26.6.2009 14:01 11352]
S3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [28.5.2009 23:17 11336]
S3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [2.1.2009 18:37 11312]
S3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [2.1.2009 18:40 11360]
S3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [28.7.2008 16:08 11336]
S3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [2.1.2009 18:54 11360]
S3 nitnr2k;nitnr2k;c:\windows\system32\drivers\nitnr2kl.sys [10.4.2009 9:20 11328]
S3 niufurk;niufurk;c:\windows\system32\drivers\niufurkl.sys [28.5.2009 23:16 11368]
S3 NiViFWK;NI-VISA FireWire Driver;c:\windows\system32\drivers\NiViFWKl.sys [5.3.2009 17:16 11384]
S3 NiViPciK;NI-VISA PCI Driver;c:\windows\system32\drivers\NiViPciKl.sys [21.6.2009 14:58 11360]
S3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [28.5.2009 23:15 11336]
S3 usb6xxxk;usb6xxxk;\??\c:\windows\system32\drivers\usb6xxxkl.sys --> c:\windows\system32\drivers\usb6xxxkl.sys [?]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: Interfaces\{72B6E2DB-8224-455E-A838-9588103ABCC9}: NameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\programy\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - d:\programy\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: The Saloon Bar: saloonbar@ligny.org.uk - %profile%\extensions\saloonbar@ligny.org.uk
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-04 21:06
Windows 5.1.2600 Service Pack 2 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1076)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(1132)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(4072)
c:\windows\system32\guard32.dll
c:\windows\system32\MPR.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
d:\programy\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lkads.exe
c:\windows\system32\lktsrv.exe
d:\programy\National Instruments\MAX\nimxs.exe
d:\programy\National Instruments\Shared\Security\nidmsrv.exe
c:\windows\system32\nisvcloc.exe
d:\programy\National Instruments\Shared\Tagger\tagsrv.exe
d:\programy\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2011-09-04 21:10:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-09-04 19:10
ComboFix2.txt 2011-09-01 08:05
.
Před spuštěním: 7 112 019 968
Po spuštění: 7 095 668 736
.
- - End Of File - - 3DDFFCA42A6E3F0DBF6A62A79E24D14F

#10 Příspěvek od **vyosek** » 04 zář 2011 20:18

Opakujte v nouzovem rezimu....

#11 Příspěvek od **vyosek** » 04 zář 2011 20:19

Takze nic a dejte mi prosim chvili, napisu dalsi postup...

#12 Příspěvek od **vyosek** » 04 zář 2011 20:59

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Doporucuji provest defragmentaci disku

Nejjednodussi (ale nejmene ucinny) zpusob je pomoci utility ve windowsech
- Kliknete na Tento pocitac, dale na disk kliknete pravym tlacitkem, vyberte Vlastnosti
- prepnete se do zalozky Nastroje
- Nyni vidite pomucky Defragmentace - spustte ji kliknutim na Defragmentovat
- Toto provedte se vsemi disky
Dalsi moznosti (a mnou doporucenou) je pres programek Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
- Program stahnete, nainstalujte (dejte fajfku pryc u yahoo toolbaru) a spustte
- Kliknete na Analyzovat
- Pokud je ve sloupci Fragmentováno vice jak 5%, doporucuji provest defragmentaci (klik na Defragmentovat)
- Postup provedte se vsemi disky
Posledni moznost je pres jednoduchy programek JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
- Vyhodou programku je, ze se neinstaluje
- Staci tedy jen stahnout dle verze vaseho OS a rozbalit
- Nasledne spustit pomoci souboru JKDefrag pripadne JKDefrag64
- Probehne analyza disku a nasledne i defragmentace

Dejte novy log z RSIT a napiste jak se chova PC

)aguar · #13 Příspěvek od **)aguar** » 13 zář 2011 12:29

Tak vše hotovo. Až na defragmentaci. Ta bude časem. Nakonec jsem zjistil že to zpomalení PC dělal Comodo Firewall. A ikona Avastu se nespouštěla po startu. Tak jsem udělal přeinstalaci.

LOG:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Fana a Rada at 2011-09-13 13:22:19
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (50%) free of 14 GB
Total RAM: 1023 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:23:54, on 13.9.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\COMODO Firewall\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\lktsrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
D:\Programy\National Instruments\MAX\nimxs.exe
D:\Programy\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\nipalsm.exe
D:\Programy\COMODO Firewall\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
D:\Programy\National Instruments\Shared\Security\nidmsrv.exe
D:\Programy\Bluetooth\BlueSoleil.exe
C:\WINDOWS\system32\nisvcloc.exe
D:\Programy\National Instruments\Shared\Tagger\tagsrv.exe
d:\Programy\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
D:\Programy\Mozilla Firefox\firefox.exe
C:\Program Files\totalcommander\TOTALCMD.EXE
C:\Documents and Settings\Fana a Rada\Plocha\RSIT.exe
C:\Program Files\trend micro\Fana a Rada.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Programy\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Programy\COMODO Firewall\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = D:\Programy\Bluetooth\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\programy\national instruments\shared\mdns responder\nimdnsnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{72B6E2DB-8224-455E-A838-9588103ABCC9}: NameServer = 192.168.1.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\Programy\Bluetooth\BTNtService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Programy\COMODO Firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - D:\Programy\National Instruments\MAX\nimxs.exe
O23 - Service: NI-488.2 Enumeration Service (ni488enumsvc) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Device Loader (nidevldu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - D:\Programy\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - D:\Programy\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: National Instruments LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe
O23 - Service: National Instruments mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
O23 - Service: NI PXI Resource Manager (nipxirmu) - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: National Instruments Variable Engine (NITaggerService) - National Instruments Corporation - D:\Programy\National Instruments\Shared\Tagger\tagsrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - d:\Programy\Spyware Terminator\sp_rsser.exe

--
End of file - 7806 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, jqs@sun.com:1.0, saloonbar@ligny.org.uk:3.0, wrc@avast.com:6.0.1289, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@macromedia.com/FlashPlayer10]
"Description"=Adobe Flash Player 10.0
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Programy\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

d:\Programy\Mozilla Firefox\extensions\
BSToolbar@toolbarnet.com
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{B13721C7-F507-4982-B2E5-502A71474FED}
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

d:\Programy\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat

d:\Programy\Mozilla Firefox\plugins\
npdeployJava1.dll
NPLV80Win32.dll
NPLV82Win32.dll
nplv85win32.dll
nplv86win32.dll
nplv90win32.dll
npnul32.dll
nppdf32.dll

d:\Programy\Mozilla Firefox\searchplugins\
crawlersrch.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default\extensions\
saloonbar@ligny.org.uk
{77b819fa-95ad-4f2c-ac7c-486b356188a9}
{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
{dd68c513-9296-4b63-8d8b-8f1c991c8a48}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Documents and Settings\Fana a Rada\Data aplikací\Mozilla\Firefox\Profiles\fvz1sbqg.default\searchplugins\
bsplayer-search.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-30 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-27 68096]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-21 61440]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"SpywareTerminator"=D:\Programy\Spyware Terminator\SpywareTerminatorShield.exe [2011-08-31 2216960]
"COMODO Internet Security"=D:\Programy\COMODO Firewall\COMODO\COMODO Internet Security\cfp.exe [2011-06-30 2554696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataFinder]
D:\Programy\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe [2009-06-01 3103264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\niDevMon]
D:\Programy\National Instruments\NI-DAQ\HWConfig\nidevmon.exe [2008-12-30 109136]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - D:\Programy\Bluetooth\BlueSoleil.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\uTorrent\utorrent.exe"="D:\Programy\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Hry\Steam\Steam.exe"="D:\Hry\Steam\Steam.exe:*:Enabled:Steam"
"D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"="D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe:*:Enabled:nimdnsResponder"
"D:\Programy\Bluetooth\BlueSoleil.exe"="D:\Programy\Bluetooth\BlueSoleil.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-09-13 13:22:19 ----D---- C:\rsit
2011-09-13 12:41:04 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-09-13 12:41:04 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-09-13 12:41:02 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-09-13 12:41:02 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-09-13 12:40:57 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-09-13 12:40:52 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-09-13 12:40:52 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-09-13 12:40:46 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-09-13 12:40:14 ----SHD---- C:\Config.Msi
2011-09-13 12:39:47 ----A---- C:\WINDOWS\avastSS.scr
2011-09-13 12:39:46 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-09-13 12:39:33 ----D---- C:\Program Files\AVAST Software
2011-09-13 12:39:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-09-13 11:55:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-09-13 11:22:21 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\Uninstaller Tool(Comodo Forums)
2011-09-13 11:16:22 ----A---- C:\WINDOWS\system32\gdiplus.dll
2011-09-13 10:54:15 ----A---- C:\WINDOWS\system32\.ini
2011-09-13 10:47:25 ----SD---- C:\uninstall
2011-09-06 10:30:40 ----SHD---- C:\RECYCLER
2011-09-04 21:02:23 ----D---- C:\WINDOWS\temp
2011-09-02 21:05:22 ----ASH---- C:\pagefile.sys
2011-09-01 09:49:18 ----A---- C:\Boot.bak
2011-09-01 09:49:14 ----RASHD---- C:\cmdcons
2011-08-31 10:14:12 ----D---- C:\WINDOWS\system32\appmgmt
2011-08-31 10:04:46 ----D---- C:\Program Files\trend micro
2011-08-31 09:33:13 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-08-31 09:33:10 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\Spyware Terminator
2011-08-31 09:33:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-08-21 20:20:20 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-08-21 20:19:22 ----A---- C:\WINDOWS\system32\ptpusd.dll

======List of files/folders modified in the last 1 month======

2011-09-13 13:22:28 ----D---- C:\WINDOWS\Prefetch
2011-09-13 13:14:43 ----D---- C:\WINDOWS\system32\CatRoot2
2011-09-13 13:11:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-09-13 13:08:10 ----D---- C:\WINDOWS\system32
2011-09-13 13:08:10 ----D---- C:\WINDOWS
2011-09-13 12:41:04 ----D---- C:\WINDOWS\system32\drivers
2011-09-13 12:40:27 ----SHD---- C:\WINDOWS\Installer
2011-09-13 12:40:25 ----D---- C:\WINDOWS\WinSxS
2011-09-13 12:40:15 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-09-13 12:39:33 ----RD---- C:\Program Files
2011-09-13 12:36:46 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\uTorrent
2011-09-13 11:26:36 ----D---- C:\WINDOWS\system32\Restore
2011-09-13 11:24:18 ----D---- C:\WINDOWS\system32\wbem
2011-09-13 11:21:01 ----SD---- C:\WINDOWS\Tasks
2011-09-13 11:17:20 ----HD---- C:\WINDOWS\inf
2011-09-13 10:55:53 ----D---- C:\WINDOWS\Minidump
2011-09-13 10:47:35 ----SHD---- C:\System Volume Information
2011-09-06 12:00:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-09-04 21:06:27 ----A---- C:\WINDOWS\system.ini
2011-09-04 21:05:43 ----D---- C:\WINDOWS\system32\drivers\etc
2011-09-04 20:58:32 ----D---- C:\WINDOWS\AppPatch
2011-09-04 20:58:28 ----D---- C:\Program Files\Common Files
2011-09-04 20:54:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-09-04 20:44:41 ----SHD---- C:\WINDOWS\CSC
2011-09-01 09:49:19 ----RASH---- C:\boot.ini
2011-08-31 12:26:51 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-08-31 10:31:02 ----SD---- C:\Documents and Settings\Fana a Rada\Data aplikací\Microsoft
2011-08-31 10:15:02 ----D---- C:\Documents and Settings\Fana a Rada\Data aplikací\Winamp
2011-08-26 19:47:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-08-21 20:20:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
2011-08-15 20:25:24 ----D---- C:\WINDOWS\pss

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-05-01 28271]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-30 97504]
R0 NIPALK;NIPALK; C:\WINDOWS\System32\drivers\nipalk.sys [2009-05-26 592472]
R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\WINDOWS\System32\drivers\nipbcfk.sys [2008-08-21 15448]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 nvraid;NVIDIA NForce(tm) ATA RAID Class Driver; C:\WINDOWS\system32\DRIVERS\nvraid.sys [2004-06-03 68224]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-30 242600]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-30 29400]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2004-08-03 223616]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2009-05-29 4096]
R2 niarbk;niarbk; C:\WINDOWS\system32\drivers\niarbk.dll [2007-04-16 37376]
R2 nibffrk;nibffrk; C:\WINDOWS\system32\drivers\nibffrk.dll [2007-04-16 21504]
R2 nicanpk;nicanpk; C:\WINDOWS\system32\DRIVERS\nicanpkl.sys [2009-03-27 11336]
R2 Nidaq32k;Nidaq32k; C:\WINDOWS\system32\drivers\Nidaq32k.sys [2007-04-16 674304]
R2 nidmmk;NI DMM and Data Logger Kernel Driver; C:\WINDOWS\system32\drivers\nidmmk.dll [2007-04-16 50688]
R2 nimdsk;nimdsk; C:\WINDOWS\system32\drivers\nimdsk.dll [2007-04-16 30208]
R2 nipxirmk;nipxirmk; \??\C:\WINDOWS\system32\drivers\nipxirmkl.sys []
R2 nistck;nistck; C:\WINDOWS\system32\drivers\nistck.dll [2007-04-16 111616]
R2 NiViPxiK;NI-VISA PXI Driver; C:\WINDOWS\System32\drivers\NiViPxiKl.sys [2009-06-21 11360]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-08-02 635281]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-21 3565056]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2006-06-23 31488]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-30 11988]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-09-20 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-20 12160]
R3 nidimk;nidimk; \??\C:\WINDOWS\system32\drivers\nidimkl.sys []
R3 nidsark;nidsark; \??\C:\WINDOWS\system32\drivers\nidsarkl.sys []
R3 nimdbgk;nimdbgk; \??\C:\WINDOWS\system32\drivers\nimdbgkl.sys []
R3 nimru2k;nimru2k; \??\C:\WINDOWS\system32\drivers\nimru2kl.sys []
R3 nimstsk;nimstsk; \??\C:\WINDOWS\system32\drivers\nimstskl.sys []
R3 nimxdfk;nimxdfk; \??\C:\WINDOWS\system32\drivers\nimxdfkl.sys []
R3 niorbk;niorbk; \??\C:\WINDOWS\system32\drivers\niorbkl.sys []
R3 nispdk;nispdk; \??\C:\WINDOWS\system32\drivers\nispdkl.sys []
R3 nixsrk;nixsrk; \??\C:\WINDOWS\system32\drivers\nixsrkl.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-09-20 5888]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2006-07-16 23040]
S3 BTNetFilter;Bluetooth Network Filter; \??\D:\Programy\Bluetooth\Device\Win2k\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 lvalarmk;lvalarmk; \??\C:\WINDOWS\system32\drivers\lvalarmk.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 ni1006k;NI PXI-1006 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1006k.sys []
S3 ni1045k;NI PXI-1045 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1045kl.sys []
S3 ni1065k;NI PXIe-1065 Chassis Pilot; \??\C:\WINDOWS\system32\drivers\ni1065k.sys []
S3 ni488lock;NI-488.2 Locking Service; \??\C:\WINDOWS\system32\drivers\ni488lock.sys []
S3 nicdrk;nicdrk; \??\C:\WINDOWS\system32\drivers\nicdrkl.sys []
S3 nicsrk;nicsrk; \??\C:\WINDOWS\system32\drivers\nicsrkl.sys []
S3 nidmxfk;nidmxfk; \??\C:\WINDOWS\system32\drivers\nidmxfkl.sys []
S3 nidwgk;nidwgk; \??\C:\WINDOWS\system32\drivers\nidwgkl.sys []
S3 niemrk;niemrk; \??\C:\WINDOWS\system32\drivers\niemrkl.sys []
S3 niesrk;niesrk; \??\C:\WINDOWS\system32\drivers\niesrkl.sys []
S3 nifslk;nifslk; \??\C:\WINDOWS\system32\drivers\nifslkl.sys []
S3 nigplk;nigplk; \??\C:\WINDOWS\system32\drivers\nigplkl.sys []
S3 nihsdrk;nihsdrk; \??\C:\WINDOWS\system32\drivers\nihsdrkl.sys []
S3 nimsdrk;nimsdrk; \??\C:\WINDOWS\system32\drivers\nimsdrkl.sys []
S3 nimslk;nimslk; \??\C:\WINDOWS\system32\drivers\nimslk.dll []
S3 nimsrlk;nimsrlk; \??\C:\WINDOWS\system32\drivers\nimsrlk.dll []
S3 nimxpk;nimxpk; \??\C:\WINDOWS\system32\drivers\nimxpkl.sys []
S3 ninshsdk;ninshsdk; \??\C:\WINDOWS\system32\drivers\ninshsdkl.sys []
S3 nipalfwedl;nipalfwedl; C:\WINDOWS\System32\drivers\nipalfwedl.sys [2009-05-26 11904]
S3 nipalusbedl;nipalusbedl; C:\WINDOWS\System32\drivers\nipalusbedl.sys [2009-05-26 11896]
S3 nipsdk;nipsdk; \??\C:\WINDOWS\system32\drivers\nipsdkl.sys []
S3 nipxigpk;NI PXI Generic Chassis Pilot; \??\C:\WINDOWS\system32\drivers\nipxigpk.sys []
S3 nirfsa2k;nirfsa2k; \??\C:\WINDOWS\system32\drivers\nirfsa2kl.sys []
S3 niRFSGk;niRFSGk; \??\C:\WINDOWS\system32\drivers\niRFSGkl.sys []
S3 niscdk;niscdk; \??\C:\WINDOWS\system32\drivers\niscdkl.sys []
S3 nisdigk;nisdigk; \??\C:\WINDOWS\system32\drivers\nisdigkl.sys []
S3 nisftk;nisftk; \??\C:\WINDOWS\system32\drivers\nisftkl.sys []
S3 nisldk;nisldk; \??\C:\WINDOWS\system32\drivers\nisldkl.sys []
S3 nisrcdk;nisrcdk; \??\C:\WINDOWS\system32\drivers\nisrcdkl.sys []
S3 nissrk;nissrk; \??\C:\WINDOWS\system32\drivers\nissrkl.sys []
S3 nistc2k;nistc2k; \??\C:\WINDOWS\system32\drivers\nistc2kl.sys []
S3 nistcrk;nistcrk; \??\C:\WINDOWS\system32\drivers\nistcrkl.sys []
S3 niswdk;niswdk; \??\C:\WINDOWS\system32\drivers\niswdkl.sys []
S3 nitiork;nitiork; \??\C:\WINDOWS\system32\drivers\nitiorkl.sys []
S3 nitnr2k;nitnr2k; \??\C:\WINDOWS\system32\drivers\nitnr2kl.sys []
S3 niufurk;niufurk; \??\C:\WINDOWS\system32\drivers\niufurkl.sys []
S3 NiViFWK;NI-VISA FireWire Driver; C:\WINDOWS\System32\drivers\NiViFWKl.sys [2009-03-05 11384]
S3 NiViPciK;NI-VISA PCI Driver; C:\WINDOWS\System32\drivers\NiViPciKl.sys [2009-06-21 11360]
S3 niwfrk;niwfrk; \??\C:\WINDOWS\system32\drivers\niwfrkl.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usb6xxxk;usb6xxxk; \??\C:\WINDOWS\system32\drivers\usb6xxxkl.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-21 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Programy\COMODO Firewall\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-30 1793712]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2009-06-18 42544]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2009-06-18 53296]
R2 mxssvr;NI Configuration Manager; D:\Programy\National Instruments\MAX\nimxs.exe [2009-06-15 12696]
R2 ni488enumsvc;NI-488.2 Enumeration Service; C:\WINDOWS\system32\nipalsm.exe [2008-08-22 12696]
R2 nidevldu;NI Device Loader; C:\WINDOWS\system32\nipalsm.exe [2008-08-22 12696]
R2 NIDomainService;National Instruments Domain Service; D:\Programy\National Instruments\Shared\Security\nidmsrv.exe [2009-06-18 356912]
R2 niLXIDiscovery;National Instruments LXI Discovery Service; C:\Program Files\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2009-03-05 131704]
R2 nimDNSResponder;National Instruments mDNS Responder Service; D:\Programy\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2009-06-04 193648]
R2 nipxirmu;NI PXI Resource Manager; C:\WINDOWS\system32\nipalsm.exe [2008-08-22 12696]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2009-06-04 13896]
R2 NITaggerService;National Instruments Variable Engine; D:\Programy\National Instruments\Shared\Tagger\tagsrv.exe [2009-06-23 740968]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; d:\Programy\Spyware Terminator\sp_rsser.exe [2011-08-31 496128]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-21 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 BlueSoleil Hid Service;BlueSoleil Hid Service; D:\Programy\Bluetooth\BTNtService.exe [2005-04-06 110592]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2008-10-31 695136]
S3 NILM License Manager;NILM License Manager; D:\Programy\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2009-06-26 1007616]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 OpcEnum;OpcEnum; C:\WINDOWS\system32\OpcEnum.exe [2009-06-03 98304]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

#14 Příspěvek od **vyosek** » 13 zář 2011 12:34

Comodo je tam ale stale, daval jste jej pak zpatky? A zkontrolujte ci opravdu bezi jen Comodo FW, jelikoz je tam od Comoda cely balicek

Jeste doinstalujte ServicePack 3

)aguar · #15 Příspěvek od **)aguar** » 13 zář 2011 19:31

Jen jsem ho přeinstaloval. Nevím jaký jiný bych měl mít.
No měl by být jen firewall + defense. Nic jinýho. Ani antivir. Mám Avast. Chtěl jsem Comodo napřed odstranit Comodo System Cleaner. Ale je to asi jen takovej CCleaner v jiným kabátě. Tak šel hned pryč. A potom jsem to udělal tímto https://forums.comodo.com/install-setup ... 897.0.html
SP3 bude brzy

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu