chyby v počitači

[manl]

dobry den nevědel sem jak to nazvat no k věci mam tu problem aktualizace se mi posledni dobou nechcou stahnout ukaže mi to tu ja dam stahnout a okynko s aktualizacema zmizi a za par minut znova aktualizace a stejny aktualizace jako předtim některy mi to ani nechce stahnout jako je např. zabezpečeni internetu pro rok 2011 atd... poradte co mam dělat chtěl sem stahnout antivir a napsalo mi to jakousi chybu tak stahuju dalši antivir od avg a taky mi nešel stahnout ani ten mam os:Xp a celkově posledni dobou se ten počitač zpomalil poradte co mam udělat aktualizace nejdou stahnout antivir nejde připojeni k internetu mam aktivni.Za odpověd předem děkuji

[vyosek]

Zdravim a pekny den preji

Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic pri zatazenem pocasi jake ted v okrese Brno panuje, neni nic videt

Ale dosti legracek, kouknem na to Kliknete do meho podpisu na RSIT a dejte log z nej - navod Vas povede...

[manl]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr at 2011-12-07 16:00:27
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 28 GB (48%) free of 58 GB
Total RAM: 2047 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:00:53, on 7.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Genius\ioCentre\gTaskBar.exe
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bohumil\Local Settings\Temporary Internet Files\Content.IE5\3TKBQ0LQ\RSIT[1].exe
C:\Program Files\trend micro\Bohumil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AVG PC Tuneup] "C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe" -UseTray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 12.0.1278.0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 12.0.1278.0 (User 'Default user')
O4 - Startup: Registration Brothers In Arms.LNK = E:\Support\Register\RegistrationReminder.exe
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/ ... .8.110.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3193868218
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.31.0.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugi ... ctivex.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.66.2.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: mysql - Unknown owner - C:\Server.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Unknown owner - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 10824 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc8f29ec603b64.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{1473D27D-E9B5-48BD-AA18-AA1964FE35F1}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{7728E9C8-1155-419C-8414-042EF47B6AD9}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{CDE5DEC5-ABB0-42A8-95F5-1B612C798E60}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-03 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"WheelMouse"=C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe [2008-06-29 196608]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2006-12-08 547840]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-11-22 2779824]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-22 3621040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-10-28 94208]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AVG PC Tuneup"=C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe -UseTray []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe

C:\Documents and Settings\Bohumil\Nabídka Start\Programy\Po spuštění
Registration Brothers In Arms.LNK - E:\Support\Register\RegistrationReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Bohumil\Local Settings\Temporary Internet Files\Content.IE5\OIA1WGSY\WoW-3.2.0-enGB-downloader[1].exe"="C:\Documents and Settings\Bohumil\Local Settings\Temporary Internet Files\Content.IE5\OIA1WGSY\WoW-3.2.0-enGB-downloader[1].exe:*:Enabled:Blizzard Downloader"
"C:\WINDOWS\system32\dxdiag.exe"="C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"D:\World of Warcraft\Launcher.exe"="D:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\World of Warcraft\Launcher.patch.exe"="D:\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\World of Warcraft\BackgroundDownloader.exe"="D:\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Bohumil\Local Settings\Temporary Internet Files\Content.IE5\J782QB1W\WoW-3.2.0-enGB-downloader[1].exe"="C:\Documents and Settings\Bohumil\Local Settings\Temporary Internet Files\Content.IE5\J782QB1W\WoW-3.2.0-enGB-downloader[1].exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\BFP4f.exe"="C:\Program Files\BFP4f.exe:*:Enabled:BFP4f.exe"
"C:\Program Files\EA Games\Battlefield Play4Free\BFP4f.exe"="C:\Program Files\EA Games\Battlefield Play4Free\BFP4f.exe:*:Enabled:BFP4f"
"C:\Program Files\Spyware Terminator\SpywareTerminator.exe"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"MSVideo8"=VfWWDM32.dll
"MSVideo"=vfwwdm32.dll
"vidc.ffds"=ffdshow.ax
"msacm.lhacm"=lhacm.acm

======List of files/folders created in the last 1 month======

2011-12-07 16:00:27 ----D---- C:\rsit
2011-12-07 16:00:27 ----D---- C:\Program Files\trend micro
2011-12-07 15:23:19 ----D---- C:\Documents and Settings\Bohumil\Data aplikací\AVG
2011-12-07 15:11:04 ----D---- C:\WINDOWS\LastGood
2011-12-07 15:09:57 ----D---- C:\0d93b5427ead763b9a04e441622a
2011-12-07 15:08:57 ----D---- C:\466a5ae9216b8d557ae5b6bfb25ce7
2011-12-05 14:44:32 ----D---- C:\Documents and Settings\Bohumil\Data aplikací\Spyware Terminator
2011-12-05 14:44:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-12-05 14:44:16 ----D---- C:\Program Files\Spyware Terminator
2011-11-21 16:12:34 ----D---- C:\Program Files\EA Games
2011-11-20 13:25:36 ----D---- C:\Documents and Settings\Bohumil\Data aplikací\ElevatedDiagnostics
2011-11-20 13:24:34 ----D---- C:\WINDOWS\system32\windowspowershell
2011-11-20 13:24:28 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$
2011-11-20 00:26:28 ----D---- C:\Program Files\pb
2011-11-20 00:26:25 ----D---- C:\Program Files\mods
2011-11-14 22:01:33 ----D---- C:\Documents and Settings\Bohumil\Data aplikací\Dev-Cpp
2011-11-11 14:30:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-09 17:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$

======List of files/folders modified in the last 1 month======

2011-12-07 16:00:33 ----D---- C:\WINDOWS\Prefetch
2011-12-07 16:00:27 ----RD---- C:\Program Files
2011-12-07 15:23:18 ----SD---- C:\WINDOWS\Tasks
2011-12-07 15:23:18 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2011-12-07 15:21:37 ----SHD---- C:\WINDOWS\Installer
2011-12-07 15:19:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-12-07 15:12:02 ----HD---- C:\WINDOWS\inf
2011-12-07 15:12:02 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-07 15:12:00 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-07 15:12:00 ----D---- C:\WINDOWS
2011-12-07 14:43:26 ----D---- C:\WINDOWS\Temp
2011-12-07 14:41:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-07 14:40:54 ----D---- C:\WINDOWS\system32\drivers
2011-12-07 14:17:19 ----A---- C:\WINDOWS\NeroDigital.ini
2011-12-05 20:30:37 ----D---- C:\WINDOWS\Minidump
2011-12-04 13:22:46 ----D---- C:\Documents and Settings\Bohumil\Data aplikací\Skype
2011-12-03 14:38:47 ----D---- C:\WINDOWS\system32\Macromed
2011-12-03 14:36:48 ----D---- C:\WINDOWS\system32\Adobe
2011-12-03 14:36:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-11-27 12:58:20 ----D---- C:\Documents and Settings\Bohumil\Data aplikací\ICQ
2011-11-25 17:07:55 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-11-21 21:26:32 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2011-11-21 14:35:25 ----D---- C:\WINDOWS\system32\config
2011-11-20 14:56:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-11-20 14:56:33 ----RSD---- C:\WINDOWS\assembly
2011-11-20 13:26:49 ----D---- C:\WINDOWS\AppPatch
2011-11-20 13:24:34 ----D---- C:\WINDOWS\system32
2011-11-11 14:30:48 ----A---- C:\WINDOWS\imsins.BAK
2011-11-11 14:30:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-11 13:55:13 ----HD---- C:\WINDOWS\$hf_mig$
2011-11-09 17:01:26 ----A---- C:\WINDOWS\system32\MRT.exe
2011-11-08 20:36:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-01-17 88576]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-05-09 717296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Amfilter;Trust Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-26 17801]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
R3 Amusbprt;Trust HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2008-07-02 14336]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-12-16 33408]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-12-16 12928]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service; C:\WINDOWS\system32\DRIVERS\SMCWPCIG.sys [2005-04-21 458208]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Bohumil\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
S3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-11 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2009-04-30 495768]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\wlanndi5.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2005-03-14 36864]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-11-21 75136]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-05 135664]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
S2 mysql;mysql; C:\Server 3.3.3a\Server\mysql\bin\mysqld-nt --defaults-file=C:\Server 3.3.3a\Server\mysql\bin\my.cnf mysql []
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-11-22 482992]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-12 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-05 135664]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Spustte HJT a provedeme fixnuti polozek

• HJT najdete zde C:\Program Files\trend micro\Bohumil.exe
• Otevre se Vam okno, kliknete na Do a system scan only
• V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
• R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60076
  R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
  R3 - URLSearchHook: (no name) - {D7BE8ED1-B138-48FD-BB22-9779A39130B1} - (no file)
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
  O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
  O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
  O4 - HKCU\..\Run: [AVG PC Tuneup] "C:\Program Files\AVG\AVG PC Tuneup\BoostSpeed.exe" -UseTray
• Kliknete na Fix checked (vlevo dole)
• HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo

Aplikujte tento remover, at se zbavime zbytku po avg http://download.avg.com/filedir/util/su ... 1_1184.exe

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[manl]

dobře ste to vysvětlil proběhlo vše v pořadku tady mate ten log a je normalni že mne tu naskočila ikonka internet exploreru použival sem zastupce a nevim jak to nazvat ted mně tu naskočil nezastupce


Log:
ComboFix 11-12-06.02 - Bohumil 07.12.2011 17:10:27.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1465 [GMT 1:00]
Spuštěný z: c:\documents and settings\Bohumil\Plocha\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
SP: Windows Defender *Disabled/Updated* {FDFE477F-8FE7-4B17-A05C-9D1F9EB603CB}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\alcrmv.exe
c:\windows\EventSystem.log
c:\windows\iun6002.exe
c:\windows\KB2641690.log
c:\windows\msmqinst.log
c:\windows\My.ini
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\ST6UNST.000
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-07 do 2011-12-07 )))))))))))))))))))))))))))))))
.
.
2011-12-07 15:00 . 2011-12-07 15:56 -------- d-----w- c:\program files\trend micro
2011-12-07 15:00 . 2011-12-07 15:00 -------- d-----w- C:\rsit
2011-12-07 14:23 . 2011-12-07 14:23 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\AVG
2011-12-07 14:11 . 2011-12-07 14:11 -------- d-----w- c:\windows\LastGood
2011-12-07 14:09 . 2011-12-07 14:10 -------- d-----w- C:\0d93b5427ead763b9a04e441622a
2011-12-07 14:08 . 2011-12-07 14:09 -------- d-----w- C:\466a5ae9216b8d557ae5b6bfb25ce7
2011-12-07 13:42 . 2011-12-07 13:42 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{2E1713BA-F7FE-4750-B0CE-F7E11BC49C61}\offreg.dll
2011-12-06 12:12 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{2E1713BA-F7FE-4750-B0CE-F7E11BC49C61}\mpengine.dll
2011-12-05 13:44 . 2011-12-07 12:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-12-05 13:44 . 2011-12-05 13:44 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\Spyware Terminator
2011-12-05 13:44 . 2011-12-05 13:44 -------- d-----w- c:\program files\Spyware Terminator
2011-11-21 15:12 . 2011-11-21 15:12 -------- d-----w- c:\program files\EA Games
2011-11-20 12:25 . 2011-11-20 12:25 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\ElevatedDiagnostics
2011-11-20 11:21 . 2011-11-20 11:21 -------- d-----w- c:\documents and settings\Bohumil\Local Settings\Data aplikací\PCHealth
2011-11-19 23:26 . 2011-11-20 01:16 -------- d-----w- c:\program files\pb
2011-11-19 23:26 . 2011-11-19 23:26 -------- d-----w- c:\program files\mods
2011-11-14 21:01 . 2011-11-14 21:23 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\Dev-Cpp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 16:08 . 2011-06-23 20:52 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-11-25 16:07 . 2010-06-19 18:57 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-11-25 16:07 . 2011-06-23 20:51 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-11-24 19:45 . 2009-04-27 13:24 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-11-21 20:26 . 2010-02-21 11:45 138056 ----a-w- c:\documents and settings\Bohumil\Data aplikací\PnkBstrK.sys
2011-11-21 20:26 . 2011-06-23 20:51 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-11-21 10:47 . 2009-10-03 18:36 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-11-14 22:53 . 2011-05-18 05:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2009-04-26 12:57 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 03:06 . 2010-04-16 18:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2010-07-19 17:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2007-10-09 11:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="c:\program files\Trust\GM-4600 Gamer Mouse\Amoumain.exe" [2008-06-29 196608]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"nwiz"="nwiz.exe" [2008-05-02 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"CHotkey"="mHotkey.exe" [2006-12-08 547840]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SpywareTerminatorShield"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-11-22 2779824]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2009-04-30 460048]
.
c:\documents and settings\Bohumil\Nabídka Start\Programy\Po spuštění\
Registration Brothers In Arms.LNK - e:\support\Register\RegistrationReminder.exe [N/A]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2009-5-18 57344]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"d:\\World of Warcraft\\Launcher.exe"=
"d:\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA Games\\Battlefield Play4Free\\BFP4f.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.5.2009 13:02 717296]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service;c:\windows\system32\drivers\SMCWPCIG.sys [26.4.2009 14:32 458208]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [5.3.2011 17:43 135664]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [5.12.2011 14:44 482992]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [25.10.2009 13:07 14848]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [25.10.2009 13:07 17408]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [25.10.2009 13:07 9984]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [5.3.2011 17:43 135664]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.12.2010 19:38 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.12.2010 19:38 8320]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver;c:\windows\system32\wlanndi5.sys [21.4.2004 16:51 16384]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc8f29ec603b64.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-05 16:43]
.
2011-12-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
2011-12-07 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
2011-12-07 c:\windows\Tasks\User_Feed_Synchronization-{1473D27D-E9B5-48BD-AA18-AA1964FE35F1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2011-12-07 c:\windows\Tasks\User_Feed_Synchronization-{7728E9C8-1155-419C-8414-042EF47B6AD9}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2011-12-06 c:\windows\Tasks\User_Feed_Synchronization-{CDE5DEC5-ABB0-42A8-95F5-1B612C798E60}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 17:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\mysql]
"ImagePath"="\"c:\server 3.3.3a\Server\mysql\bin\mysqld-nt\" \"--defaults-file=c:\server 3.3.3a\Server\mysql\bin\my.cnf\" mysql"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1214440339-1417001333-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ff,6d,58,ab,01,42,dd,96,08,50,a8,85,c0,a6,a3,d9,63,cf,0b,e3,0e,a2,45,
4d,9f,c9,1d,66,2a,34,75,8f,3b,e3,d3,83,bc,6a,35,35,2a,7d,3b,e0,c4,6b,58,db,\
"??"=hex:3f,eb,b2,a8,d5,51,4b,c2,1b,01,ec,08,0f,18,11,95
.
[HKEY_USERS\S-1-5-21-1214440339-1417001333-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:7f,81,a4,9c,3a,0f,cf,59,55,c0,ff,4d,df,af,ec,20,ac,7e,42,7e,20,
f1,69,6c,58,43,26,31,7b,9b,fd,cf,20,05,6a,45,54,72,54,45,67,81,d1,6e,3c,44,\
"rkeysecu"=hex:45,49,77,30,67,09,ff,79,28,36,66,b6,57,32,17,f7
.
Celkový čas: 2011-12-07 17:15:50
ComboFix-quarantined-files.txt 2011-12-07 16:15
.
Před spuštěním: Volných bajtů: 29 244 395 520
Po spuštění: Volných bajtů: 36 273 836 032
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 6A5B0F03DD7FAEB353444B2A5AAE9EB4

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Folder::
  c:\documents and settings\Bohumil\Data aplikací\AVG
  
  Registry::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "NeroFilterCheck"=-
  "SpywareTerminatorShield"=-
  
  File::
  C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
  C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc8f29ec603b64.job
  C:\WINDOWS\tasks\MP Scheduled Scan.job
  C:\WINDOWS\tasks\OGALogon.job
  C:\WINDOWS\tasks\User_Feed_Synchronization-{1473D27D-E9B5-48BD-AA18-AA1964FE35F1}.job
  C:\WINDOWS\tasks\User_Feed_Synchronization-{7728E9C8-1155-419C-8414-042EF47B6AD9}.job
  C:\WINDOWS\tasks\User_Feed_Synchronization-{CDE5DEC5-ABB0-42A8-95F5-1B612C798E60}.job
  c:\documents and settings\Bohumil\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms.LNK
  
  Driver::
  gupdate
  gupdatem
  
  RegNull::
  [HKEY_USERS\S-1-5-21-1214440339-1417001333-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  [HKEY_USERS\S-1-5-21-1214440339-1417001333-839522115-1003\Software\SecuROM\License information*]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[manl]

ComboFix 11-12-06.02 - Bohumil 07.12.2011 17:53:29.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1469 [GMT 1:00]
Spuštěný z: c:\documents and settings\Bohumil\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Bohumil\Plocha\CFScript.txt
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
SP: Windows Defender *Disabled/Updated* {FDFE477F-8FE7-4B17-A05C-9D1F9EB603CB}
.
FILE ::
"c:\documents and settings\Bohumil\Nabídka Start\Programy\Po spuštění\Registration Brothers In Arms.LNK"
"c:\windows\tasks\Ad-Aware Update (Weekly).job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore1cc8f29ec603b64.job"
"c:\windows\tasks\MP Scheduled Scan.job"
"c:\windows\tasks\OGALogon.job"
"c:\windows\tasks\User_Feed_Synchronization-{1473D27D-E9B5-48BD-AA18-AA1964FE35F1}.job"
"c:\windows\tasks\User_Feed_Synchronization-{7728E9C8-1155-419C-8414-042EF47B6AD9}.job"
"c:\windows\tasks\User_Feed_Synchronization-{CDE5DEC5-ABB0-42A8-95F5-1B612C798E60}.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\tasks\GoogleUpdateTaskMachineCore1cc8f29ec603b64.job
c:\windows\tasks\MP Scheduled Scan.job
c:\windows\tasks\OGALogon.job
c:\windows\tasks\User_Feed_Synchronization-{1473D27D-E9B5-48BD-AA18-AA1964FE35F1}.job
c:\windows\tasks\User_Feed_Synchronization-{7728E9C8-1155-419C-8414-042EF47B6AD9}.job
c:\windows\tasks\User_Feed_Synchronization-{CDE5DEC5-ABB0-42A8-95F5-1B612C798E60}.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-07 do 2011-12-07 )))))))))))))))))))))))))))))))
.
.
2011-12-07 16:57 . 2011-12-07 16:57 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{2E1713BA-F7FE-4750-B0CE-F7E11BC49C61}\offreg.dll
2011-12-07 15:00 . 2011-12-07 15:56 -------- d-----w- c:\program files\trend micro
2011-12-07 15:00 . 2011-12-07 15:00 -------- d-----w- C:\rsit
2011-12-07 14:23 . 2011-12-07 14:23 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\AVG
2011-12-06 12:12 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{2E1713BA-F7FE-4750-B0CE-F7E11BC49C61}\mpengine.dll
2011-12-05 13:44 . 2011-12-07 12:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2011-12-05 13:44 . 2011-12-05 13:44 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\Spyware Terminator
2011-12-05 13:44 . 2011-12-05 13:44 -------- d-----w- c:\program files\Spyware Terminator
2011-11-21 15:12 . 2011-11-21 15:12 -------- d-----w- c:\program files\EA Games
2011-11-20 12:25 . 2011-11-20 12:25 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\ElevatedDiagnostics
2011-11-20 11:21 . 2011-11-20 11:21 -------- d-----w- c:\documents and settings\Bohumil\Local Settings\Data aplikací\PCHealth
2011-11-19 23:26 . 2011-11-20 01:16 -------- d-----w- c:\program files\pb
2011-11-19 23:26 . 2011-11-19 23:26 -------- d-----w- c:\program files\mods
2011-11-14 21:01 . 2011-11-14 21:23 -------- d-----w- c:\documents and settings\Bohumil\Data aplikací\Dev-Cpp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 16:08 . 2011-06-23 20:52 138264 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-11-25 16:07 . 2010-06-19 18:57 234768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-11-25 16:07 . 2011-06-23 20:51 234768 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-11-24 19:45 . 2009-04-27 13:24 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-11-21 20:26 . 2010-02-21 11:45 138056 ----a-w- c:\documents and settings\Bohumil\Data aplikací\PnkBstrK.sys
2011-11-21 20:26 . 2011-06-23 20:51 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-11-21 10:47 . 2009-10-03 18:36 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-11-14 22:53 . 2011-05-18 05:06 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22 . 2009-04-26 12:57 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-10-03 03:06 . 2010-04-16 18:30 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-03 00:37 . 2010-07-19 17:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2007-10-09 11:03 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WheelMouse"="c:\program files\Trust\GM-4600 Gamer Mouse\Amoumain.exe" [2008-06-29 196608]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"nwiz"="nwiz.exe" [2008-05-02 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-02 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-02 13529088]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2006-12-08 241664]
"CHotkey"="mHotkey.exe" [2006-12-08 547840]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2009-04-30 460048]
.
c:\documents and settings\Bohumil\Nabídka Start\Programy\Po spuštění\
Registration Brothers In Arms.LNK - e:\support\Register\RegistrationReminder.exe [N/A]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2009-5-18 57344]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"d:\\World of Warcraft\\Launcher.exe"=
"d:\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA Games\\Battlefield Play4Free\\BFP4f.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminator.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.5.2009 13:02 717296]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
R3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service;c:\windows\system32\drivers\SMCWPCIG.sys [26.4.2009 14:32 458208]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files\Spyware Terminator\st_rsser.exe [5.12.2011 14:44 482992]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [25.10.2009 13:07 14848]
S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [25.10.2009 13:07 17408]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [25.10.2009 13:07 9984]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.12.2010 19:38 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.12.2010 19:38 8320]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver;c:\windows\system32\wlanndi5.sys [21.4.2004 16:51 16384]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-07 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-07 17:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\mysql]
"ImagePath"="\"c:\server 3.3.3a\Server\mysql\bin\mysqld-nt\" \"--defaults-file=c:\server 3.3.3a\Server\mysql\bin\my.cnf\" mysql"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3996)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\acs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\mHotkey.exe
c:\genius\ioCentre\gMouseTask.exe
c:\genius\ioCentre\gKbdTask.exe
c:\genius\ioCentre\gAutoPan.exe
c:\genius\ioCentre\gAutoScroll.exe
c:\genius\ioCentre\gZoom.exe
c:\genius\ioCentre\gMGlass.exe
c:\genius\ioCentre\gIMMgm.exe
c:\genius\ioCentre\gDeskMgm.exe
c:\genius\ioCentre\gTaskSwitch.exe
.
**************************************************************************
.
Celkový čas: 2011-12-07 18:01:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-07 17:01
ComboFix2.txt 2011-12-07 16:15
.
Před spuštěním: Volných bajtů: 36 267 163 648
Po spuštění: Volných bajtů: 36 161 998 848
.
- - End Of File - - 0D67F0829F0272488C4A021C00D96F71

[vyosek]

Jak se chova PC

[manl]

žasnu problem se vyřešil moc diky

[manl]

ještě se mně nechcou stahnout aktualizace zabezpečeni pro net framework neviš co s tim mužu to stahovat dokola a pořad a pořad nechce to tam vlizt do toho počitače

[vyosek]

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Aktualizace .NET Framework 4 delaji hodne lidem potize, zatim je muzete ignorovat, pokud bude nejaka aplikace je chtit, vetsinou jej ma v sobe...

A pokud nejsou problemy ci dotazy, je to z me strany vse

[manl]

dobry den mam takovy problem už sem se tu ptal muj problem se vyřešil ale jen dočasně nejde mi nainstalovat žadnej antivir už par dni sem bez antiviru zkoušel sem avg eset od microsoftu prostě všecky co znam a ve všech omlouvame se ale tento program nemohl byt nainstalovan z duvodu chyb ....... nevite čim to muže byt už sem hazel log z rsit z combofixu a nic problem mi to vyřešilo ale jen dočasně pak mně zase nešel nainstalovat antivir tak se ptam co s tim když mně to nejde nainstalovat btw. zkoušel sem avast a ten mi šel nainstalovat ale v programu bylo počitač neni chraněn a tam bylo okynko s napisem klikněte na ok a počitač bude chraněn klikam a bez vysledku pořad to okynko s ok sice mi nešlo kliknout na to okynko ale v tom avastu šel v nouzovym režimu test udělal sem a nic a ještě tedka nevim jak se to stalo ale sam od sebe se mi vypla firewall brana systemu window za odpověd předem děkuji

[vyosek]

Zdravim

Dejte mi sem prosim novy log z RSIT