Zpomalené PC

[wASQ]

Dobrý den, ahoj. Trošku mi tuhne PC, čuchám nějakou havěť a proto prosím o kontrolu logu. Díky

Logfile of random's system information tool 1.09 (written by random/random)
Run by vasek.meiner at 2011-11-08 13:48:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 6 GB (8%) free of 74 GB
Total RAM: 1982 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:29, on 8.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\PROGRA~1\AVG\AVG2012\avgrsx.exe
D:\Program Files\AVG\AVG2012\avgcsrvx.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
D:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Program Files\AVG\AVG2012\avgwdsvc.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Cobian Backup 10\cbVSCService.exe
C:\Program Files\ClientRs\ClientRS.exe
D:\Program Files\Cobian Backup 10\cbService.exe
D:\Program Files\AVG\AVG2012\avgnsx.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Common Files\LightScribe\LSSrvc.exe
d:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\System32\nvsvc32.exe
d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Vema\VemaAdminService\NV3ServerSrv.exe
D:\WINDOWS\system32\SearchIndexer.exe
D:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
D:\Program Files\AVG\AVG2012\avgcsrvx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\stsystra.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\AVG\AVG2012\avgtray.exe
D:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
D:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
D:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
D:\Program Files\Cobian Backup 10\cbInterface.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Real\RealPlayer\update\realsched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
D:\Program Files\teamspeak3-server_win32\ts3server_win32.exe
D:\Program Files\OpenOffice.org 3\program\soffice.exe
D:\Program Files\OpenOffice.org 3\program\soffice.bin
D:\program files\relevantknowledge\rlvknlg.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\System32\wbem\unsecapp.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Program Files\Mozilla Thunderbird\thunderbird.exe
D:\Program Files\Microsoft Office\Office12\WINWORD.EXE
D:\Downloads\RSIT.exe
D:\Program Files\trend micro\vasek.meiner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "D:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SAOB Monitor] D:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "D:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "D:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [Cobian Backup 10 Interface] "D:\Program Files\Cobian Backup 10\cbInterface.exe" -service
O4 - HKLM\..\Run: [csend] "C:\Program Files\ClientRs\csend.exe" "\\krutor\txt" "2"
O4 - HKLM\..\Run: [Služba Acronis Scheduler2] "D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RelevantKnowledge] D:\program files\relevantknowledge\rlvknlg.exe -boot
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.3.lnk = D:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Zástupce - net_use.lnk = D:\Documents and Settings\vasek.meiner\net_use.cmd
O4 - Startup: Zástupce - ts3server_win32.lnk = D:\Program Files\teamspeak3-server_win32\ts3server_win32.exe
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://D:\Program Files\Offline Explorer\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://D:\Program Files\Offline Explorer\Add_AllO.htm
O8 - Extra context menu item: Append Link Target to Existing PDF - res://D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download With Album Copier - D:\Program Files\BiroSolutions\Web Album Copier\\InternetExplorerExtensions\albumcopier.htm
O8 - Extra context menu item: Download with ImTOO iPhone Transfer Platinum - D:\Program Files\ImTOO\iPhone Transfer Platinum\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - D:\Program Files\QIP Infium\infium.exe (file missing) (HKCU)
O9 - Extra button: (no name) - {208413D2-71EE-4052-9C8B-A4F8C6278E64} - D:\Program Files\BiroSolutions\Web Album Copier\\InternetExplorerExtensions\albumcopier.htm (HKCU)
O9 - Extra 'Tools' menuitem: Download With Album Copier - {208413D2-71EE-4052-9C8B-A4F8C6278E64} - D:\Program Files\BiroSolutions\Web Album Copier\\InternetExplorerExtensions\albumcopier.htm (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6316978125
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = tul.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = tul.cz
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = tul.cz
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG2012\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - D:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - D:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 10 Volume Shadow Copy service (cbVSCService) - CobianSoft, Luis Cobian - D:\Program Files\Cobian Backup 10\cbVSCService.exe
O23 - Service: ClientRS - MiCoS Software s.r.o. - C:\Program Files\ClientRs\ClientRS.exe
O23 - Service: Cobian Backup 10 (CobianBackup10) - Luis Cobian, CobianSoft - D:\Program Files\Cobian Backup 10\cbService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Imapi Helper - Alex Feinman - D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - D:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - D:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - D:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Vema - Služba vzdálené správy (VemaAdminService) - Vema, a. s. Okružní 871/3a, 638 00 Brno, CZ - D:\Program Files\Vema\VemaAdminService\NV3ServerSrv.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - D:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

--
End of file - 12769 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-484763869-329068152-725345543-1003.job
D:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-329068152-725345543-1003.job
D:\WINDOWS\tasks\User_Feed_Synchronization-{5FD1FDAC-AAB0-4A36-9948-5D958551D2E7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-04 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - D:\Program Files\AVG\AVG2012\avgssie.dll [2011-10-14 1360736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-07 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=D:\WINDOWS\System32\NvCpl.dll [2006-10-03 7630848]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=D:\WINDOWS\System32\NvMcTray.dll [2006-10-03 86016]
"SigmatelSysTrayApp"=D:\WINDOWS\stsystra.exe [2006-07-27 282624]
"QuickTime Task"=D:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2011-04-27 421160]
"AVG_TRAY"=D:\Program Files\AVG\AVG2012\avgtray.exe [2011-10-24 2415456]
"AdobeCS4ServiceManager"=D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"SAOB Monitor"=D:\Program Files\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2011-05-10 2536440]
"TrueImageMonitor.exe"=D:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-12-17 5566176]
"Acronis Scheduler2 Service"=D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"Cisco AnyConnect Secure Mobility Agent for Windows"=D:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011-05-23 522192]
"Cobian Backup 10 Interface"=D:\Program Files\Cobian Backup 10\cbInterface.exe [2010-05-18 3150336]
"csend"=C:\Program Files\ClientRs\csend.exe [2011-11-08 163328]
"Služba Acronis Scheduler2"=D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2010-12-17 391144]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"TkBellExe"=D:\Program Files\Real\RealPlayer\update\realsched.exe [2011-11-04 273528]
"RelevantKnowledge"=D:\program files\relevantknowledge\rlvknlg.exe [2011-08-16 2927744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"LightScribe Control Panel"=D:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-06-16 2736128]

D:\Documents and Settings\vasek.meiner\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.3.lnk - D:\Program Files\OpenOffice.org 3\program\quickstart.exe
Zástupce - net_use.lnk - D:\Documents and Settings\vasek.meiner\net_use.cmd
Zástupce - ts3server_win32.lnk - D:\Program Files\teamspeak3-server_win32\ts3server_win32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=D:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\teamspeak3-server_win32\ts3server_win32.exe"="D:\Program Files\teamspeak3-server_win32\ts3server_win32.exe:*:Enabled:TeamSpeak 3 Server"
"D:\Program Files\QIP Infium\infium.exe"="D:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\Winamp\winamp.exe"="D:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"D:\Program Files\AVG\AVG10\avgmfapx.exe"="D:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="D:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\Program Files\Seagate\BlackArmor Discovery\BlackArmor Discovery.exe"="D:\Program Files\Seagate\BlackArmor Discovery\BlackArmor Discovery.exe:*:Enabled:BlackArmor Discovery Application"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Documents and Settings\vasek.meiner\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="D:\Documents and Settings\vasek.meiner\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"D:\Program Files\Electronic Arts\Ultima Online Classic\client.exe"="D:\Program Files\Electronic Arts\Ultima Online Classic\client.exe:*:Enabled:Ultima Online Client"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Micos\SpravceIT\Micos.Spravce.exe"="D:\Program Files\Micos\SpravceIT\Micos.Spravce.exe:*:Enabled:SpravceIT"
"C:\Program Files\ClientRs\ClientRS.exe"="C:\Program Files\ClientRs\ClientRS.exe:*:Enabled:ClientRS"
"D:\Program Files\AVG\AVG2012\avgmfapx.exe"="D:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"D:\Program Files\QIP 2012\qip.exe"="D:\Program Files\QIP 2012\qip.exe:*:Enabled:QIP 2012"
"D:\Program Files\AVG\AVG2012\avgnsx.exe"="D:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Webový štít"
"D:\Program Files\AVG\AVG2012\avgdiagex.exe"="D:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostika 2012"
"D:\Program Files\AVG\AVG2012\avgemcx.exe"="D:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Obecná kontrola pošty"
"D:\Program Files\Veetle\Player\VeetleNet.exe"="D:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet"
"d:\program files\relevantknowledge\rlvknlg.exe"="d:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ClientRs\ClientRS.exe"="C:\Program Files\ClientRs\ClientRS.exe:*:Enabled:ClientRS"
"D:\Program Files\Veetle\Player\VeetleNet.exe"="D:\Program Files\Veetle\Player\VeetleNet.exe:*:Enabled:VeetleNet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=D:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.ffds"=D:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======List of files/folders created in the last 1 month======

2011-11-08 13:48:18 ----D---- D:\rsit
2011-11-07 12:44:52 ----D---- D:\Program Files\Chit Chat For Facebook
2011-11-07 12:44:52 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Chit Chat For Facebook
2011-11-07 10:15:17 ----D---- D:\Program Files\RelevantKnowledge
2011-11-07 08:24:12 ----D---- D:\Program Files\Veetle
2011-11-04 15:17:44 ----A---- D:\WINDOWS\system32\TLBINF32.DLL
2011-11-04 15:17:43 ----D---- D:\Program Files\Winsometech
2011-11-04 15:17:43 ----D---- D:\Documents and Settings\vasek.meiner\Data aplikací\Winsome Technologies
2011-11-04 14:35:07 ----D---- D:\Program Files\Common Files\xing shared
2011-11-04 14:34:59 ----A---- D:\WINDOWS\system32\rmoc3260.dll
2011-11-04 14:34:52 ----A---- D:\WINDOWS\system32\pndx5032.dll
2011-11-04 14:34:52 ----A---- D:\WINDOWS\system32\pndx5016.dll
2011-11-04 14:34:51 ----A---- D:\WINDOWS\system32\pncrt.dll
2011-11-04 14:34:44 ----D---- D:\Program Files\Real
2011-11-04 14:34:43 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real
2011-11-04 14:34:42 ----D---- D:\Documents and Settings\vasek.meiner\Data aplikací\Real
2011-10-26 07:39:39 ----A---- D:\del.cmd
2011-10-25 19:17:01 ----A---- D:\WINDOWS\system32\d3d9caps.dat
2011-10-20 10:16:47 ----A---- D:\WINDOWS\system32\javaws.exe
2011-10-20 10:16:47 ----A---- D:\WINDOWS\system32\javaw.exe
2011-10-20 10:16:47 ----A---- D:\WINDOWS\system32\java.exe
2011-10-13 02:25:48 ----HDC---- D:\WINDOWS\$NtUninstallKB2564958$
2011-10-13 02:12:18 ----HDC---- D:\WINDOWS\$NtUninstallKB2567053$
2011-10-13 02:11:47 ----HDC---- D:\WINDOWS\$NtUninstallKB2592799$

======List of files/folders modified in the last 1 month======

2011-11-08 13:48:26 ----D---- D:\WINDOWS\Prefetch
2011-11-08 13:48:25 ----D---- D:\Program Files\trend micro
2011-11-08 13:47:39 ----D---- D:\Downloads
2011-11-08 13:45:13 ----SD---- D:\WINDOWS\Tasks
2011-11-08 13:18:23 ----D---- D:\WINDOWS\Temp
2011-11-08 12:13:56 ----D---- D:\Program Files\teamspeak3-server_win32
2011-11-08 11:15:00 ----A---- D:\WINDOWS\SchedLgU.Txt
2011-11-08 11:11:49 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
2011-11-08 09:39:46 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\boost_interprocess
2011-11-08 09:39:11 ----D---- D:\txt
2011-11-08 09:34:26 ----D---- D:\WINDOWS\system32\CatRoot2
2011-11-08 03:11:36 ----D---- D:\WINDOWS\system32\drivers\AVG
2011-11-07 12:44:52 ----RD---- D:\Program Files
2011-11-07 02:17:00 ----D---- D:\WINDOWS\system32
2011-11-04 14:54:50 ----D---- D:\Documents and Settings\vasek.meiner\Data aplikací\uTorrent
2011-11-04 14:35:12 ----SHD---- D:\WINDOWS\Installer
2011-11-04 14:35:07 ----D---- D:\Program Files\Common Files
2011-11-04 14:34:49 ----A---- D:\WINDOWS\system32\msvcr71.dll
2011-11-04 14:34:49 ----A---- D:\WINDOWS\system32\msvcp71.dll
2011-11-04 10:23:54 ----D---- D:\!musica
2011-11-04 09:31:31 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2011-11-04 09:30:18 ----D---- D:\WINDOWS
2011-11-04 09:26:16 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\temp
2011-11-04 08:27:57 ----RSHDC---- D:\WINDOWS\system32\dllcache
2011-11-04 08:26:00 ----HD---- D:\WINDOWS\inf
2011-11-04 08:26:00 ----D---- D:\WINDOWS\system32\drivers
2011-11-02 09:00:41 ----D---- D:\Program Files\Mozilla Firefox
2011-11-01 11:29:15 ----D---- D:\WINDOWS\system32\NtmsData
2011-10-31 09:39:02 ----D---- D:\Program Files\QIP 2012
2011-10-26 12:18:17 ----D---- D:\Program Files\Kyocera
2011-10-24 14:43:46 ----D---- D:\Documents and Settings\vasek.meiner\Data aplikací\foobar2000
2011-10-20 12:55:26 ----D---- D:\Documents and Settings\vasek.meiner\Data aplikací\QIP
2011-10-20 10:16:40 ----D---- D:\Program Files\Java
2011-10-13 07:54:56 ----D---- D:\WINDOWS\pss
2011-10-13 02:39:40 ----RSD---- D:\WINDOWS\assembly
2011-10-13 02:29:45 ----D---- D:\WINDOWS\Microsoft.NET
2011-10-13 02:24:57 ----D---- D:\WINDOWS\WinSxS
2011-10-13 02:13:04 ----A---- D:\WINDOWS\system32\MRT.exe
2011-10-13 02:12:26 ----A---- D:\WINDOWS\imsins.BAK
2011-10-13 02:11:44 ----HD---- D:\WINDOWS\$hf_mig$
2011-10-13 02:10:19 ----D---- D:\Program Files\Internet Explorer
2011-10-13 02:08:48 ----D---- D:\WINDOWS\ie8updates
2011-10-12 07:33:20 ----D---- D:\Program Files\Mozilla Thunderbird
2011-10-11 09:36:40 ----D---- D:\Program Files\7-Zip
2011-10-10 14:47:39 ----D---- D:\Program Files\Vema

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; D:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver; D:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2011-09-13 32592]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 snapman;Acronis Snapshots Manager; D:\WINDOWS\system32\DRIVERS\snapman.sys [2011-06-20 170528]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); D:\WINDOWS\system32\DRIVERS\tdrpm273.sys [2011-09-14 752128]
R0 timounter;Acronis Backup Archive Explorer; D:\WINDOWS\system32\DRIVERS\timntr.sys [2011-09-14 600928]
R1 Avgldx86;AVG AVI Loader Driver; D:\WINDOWS\system32\DRIVERS\avgldx86.sys [2011-10-07 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; D:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2011-08-08 40016]
R1 Avgtdix;AVG TDI Driver; D:\WINDOWS\system32\DRIVERS\avgtdix.sys [2011-07-11 295248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-06-06 218688]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 adfs;adfs; D:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 5504]
R3 afcdp;afcdp; D:\WINDOWS\system32\DRIVERS\afcdp.sys [2011-09-14 167968]
R3 AVGIDSDriver;AVGIDSDriver; D:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 134608]
R3 AVGIDSFilter;AVGIDSFilter; D:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 24272]
R3 AVGIDSShim;AVGIDSShim; D:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys [2011-10-04 16720]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; D:\WINDOWS\System32\DRIVERS\b57xp32.sys [2007-06-06 161792]
R3 dot4;Ovladač MS IEEE-1284.4; D:\WINDOWS\System32\DRIVERS\Dot4.sys [2008-04-13 206976]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; D:\WINDOWS\System32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;Filtr Dot4USB Dot4USB Filter; D:\WINDOWS\System32\DRIVERS\dot4usb.sys [2001-10-24 23808]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 m4cxw2k3;NDIS5.1 Miniport Driver for D-Link DGE-5xx Gigabit Ethernet Adapter; D:\WINDOWS\system32\DRIVERS\m4cxw2k3.sys [2009-09-28 298752]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 nv;nv; D:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-03 3962720]
R3 STHDA;SigmaTel High Definition Audio CODEC; D:\WINDOWS\system32\drivers\sthda.sys [2006-07-27 1171464]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 acsint;acsint; D:\WINDOWS\system32\DRIVERS\acsint.sys [2011-05-23 36624]
S3 acsmux;acsmux; D:\WINDOWS\system32\DRIVERS\acsmux.sys [2011-05-23 46480]
S3 SkLaggProtocol;Marvell Link Aggregation Protocol; D:\WINDOWS\system32\DRIVERS\yk51x86l.sys [2009-09-22 60928]
S3 SkVlanProtocol;Marvell VLAN Protocol; D:\WINDOWS\system32\DRIVERS\yk51x86v.sys [2009-08-27 20992]
S3 USBAAPL;Apple Mobile USB Driver; D:\WINDOWS\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vncmirror;vncmirror; D:\WINDOWS\system32\DRIVERS\vncmirror.sys [2011-02-04 4608]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; D:\WINDOWS\system32\DRIVERS\vpnva.sys [2011-05-23 23464]
S4 RsFx0150;RsFx0150 Driver; D:\WINDOWS\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2010-12-17 804952]
R2 afcdpsrv;Služba Acronis Nonstop Backup; D:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-09-14 3246040]
R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 AVGIDSAgent;AVGIDSAgent; D:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; D:\Program Files\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 cbVSCService;Cobian Backup 10 Volume Shadow Copy service; D:\Program Files\Cobian Backup 10\cbVSCService.exe [2010-05-18 67584]
R2 ClientRS;ClientRS; C:\Program Files\ClientRs\ClientRS [2011-11-08 18]
R2 CobianBackup10;Cobian Backup 10; D:\Program Files\Cobian Backup 10\cbService.exe [2010-05-18 1125376]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; D:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-06-16 73728]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); d:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 NMSAccess;NMSAccess; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 NVSvc;NVIDIA Display Driver Service; D:\WINDOWS\System32\nvsvc32.exe [2006-10-03 155715]
R2 SQLWriter;SQL Server VSS Writer; d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R2 UMWdf;Windows User Mode Driver Framework; D:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VemaAdminService;Vema - Služba vzdálené správy; D:\Program Files\Vema\VemaAdminService\NV3ServerSrv.exe [2008-12-11 905216]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; D:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-05-23 465872]
R2 WSearch;Windows Search; D:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2011-04-27 820520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-30 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Imapi Helper;Imapi Helper; D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe [2006-01-04 163840]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; D:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2010-03-19 1120752]
S3 stllssvr;stllssvr; D:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; d:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); d:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]
S4 SQLBrowser;SQL Server Browser; d:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

[JaRon]

ahoj,
spusti MBAM - uplny scan

[wASQ]

Po 2 hodinách testu

V aplikaci Malwarebytes' Anti-Malware došlo k problému a je třeba ji zavřít. Omlouváme se za vzniklé potíže.

Bylo tam kolem 10 infikovaných položek... Na PC jsem tou dobou nedělal téměř nic. Zkusim ho pustit znovu

[JaRon]

skus najprv spustit rychly test - odstranit najdene - restart a potom uplny test

[wASQ]

OK, OK. Už to frčí

[wASQ]

Výsledek rychlého testu. Restartuji a pustím komplet


Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 8122

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9.11.2011 12:42:07
mbam-log-2011-11-09 (12-42-07).txt

Typ kontroly: Rychlý test
Testované objekty: 258689
Uplynulý čas: 10 minut, 6 sekund

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče v registru: 1
Infikované hodnoty v registru: 1
Infikované datové položky v registru: 0
Infikované složky: 2
Infikované soubory: 13

Infikované procesy v paměti:
d:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> 2328 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\RelevantKnowledge (Adware.RelevantKnowledge) -> Value: RelevantKnowledge -> Quarantined and deleted successfully.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
d:\program files\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\documents and settings\all users.windows\nabídka start\Programy\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Infikované soubory:
d:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
d:\downloads\ccffacebooksetup-v1.45.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
d:\del.cmd (Trojan.Agent) -> Quarantined and deleted successfully.
d:\program files\relevantknowledge\nscf.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\program files\relevantknowledge\rlls.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\program files\relevantknowledge\rlls64.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\program files\relevantknowledge\rlservice.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\program files\relevantknowledge\rlvknlg64.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\documents and settings\all users.windows\nabídka start\Programy\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\documents and settings\all users.windows\nabídka start\Programy\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\documents and settings\all users.windows\nabídka start\Programy\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
d:\documents and settings\all users.windows\nabídka start\Programy\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.

[wASQ]

Tak opět

V aplikaci Malwarebytes' Anti-Malware došlo k problému a je třeba ji zavřít. Omlouváme se za vzniklé potíže.

Tentokrát jsem ale neviděl žádnou nákazu. Odcházim z práce, PC se budu věnovat zas zítra ráno

[JaRon]

havet bola odstranena, ak bude PC bezat normalne, tak padom MBAM nemusis venovat zvysenu pozornost

[wASQ]

Jestli je to všechno, tak dík

[JaRon]

ano, za malo