Pomalé načítání stránek,prosím o kontrolu logu.

[Hooker]

Zdravím všechny !!
Počítač načítá pomalu stránky,dlouho startuje i vypíná. Prosím o kontrolu přiloženého logu.
Děkuji!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:27:17, on 3.3.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Registration .LNK = D:\HRY\CSI-Hard Evidence Demo\Register\RegistrationReminder.exe
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\PROGRAMY\APLIKACE\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\PROGRAMY\APLIKACE\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7212 bytes

[Rudy]

Fixněte v HijackThis:


R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

Jen zbytečnost. Dejte log z ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe .

[Hooker]

Ahoj. Při spouštění ComboFixu je hláška,že AVG má stále aktivní rezid.štít.Nemohu to nijak vypnout.

[Rudy]

Měl by jít vypnout z konfiguračního menu.

[Hooker]

Tak tady je ten log z ComboFix

ComboFix 09-03-02.03 - YO 2009-03-03 17:46:25.5 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1029.18.2047.1088 [GMT 1:00]
Spuštěný z: c:\users\YO\Desktop\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated)
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf
c:\windows\system32\dumphive.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-02-03 do 2009-03-03 )))))))))))))))))))))))))))))))
.

2009-02-24 18:39 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\System32\D3DX9_40.dll
2009-02-24 18:39 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\System32\D3DCompiler_40.dll
2009-02-24 18:39 . 2008-10-10 04:52 452,440 --a------ c:\windows\System32\d3dx10_40.dll
2009-02-24 18:38 . 2008-07-10 11:00 3,851,784 --a------ c:\windows\System32\D3DX9_39.dll
2009-02-24 18:38 . 2008-07-10 11:00 1,493,528 --a------ c:\windows\System32\D3DCompiler_39.dll
2009-02-24 18:38 . 2008-10-27 10:04 514,384 --a------ c:\windows\System32\XAudio2_3.dll
2009-02-24 18:38 . 2008-07-30 06:20 509,448 --a------ c:\windows\System32\XAudio2_2.dll
2009-02-24 18:38 . 2008-05-30 14:19 507,400 --a------ c:\windows\System32\XAudio2_1.dll
2009-02-24 18:38 . 2008-07-10 11:01 467,984 --a------ c:\windows\System32\d3dx10_39.dll
2009-02-24 18:38 . 2008-07-30 06:20 238,088 --a------ c:\windows\System32\xactengine3_2.dll
2009-02-24 18:38 . 2008-10-27 10:04 235,856 --a------ c:\windows\System32\xactengine3_3.dll
2009-02-24 18:38 . 2008-10-27 10:04 70,992 --a------ c:\windows\System32\XAPOFX1_2.dll
2009-02-24 18:38 . 2008-07-30 06:20 68,616 --a------ c:\windows\System32\XAPOFX1_1.dll
2009-02-24 18:38 . 2008-05-30 14:17 65,032 --a------ c:\windows\System32\XAPOFX1_0.dll
2009-02-24 18:38 . 2008-10-27 10:04 23,376 --a------ c:\windows\System32\X3DAudio1_5.dll
2009-02-24 18:37 . 2008-05-30 14:11 3,850,760 --a------ c:\windows\System32\D3DX9_38.dll
2009-02-24 18:37 . 2008-05-30 14:11 1,491,992 --a------ c:\windows\System32\D3DCompiler_38.dll
2009-02-24 18:37 . 2008-05-30 14:11 467,984 --a------ c:\windows\System32\d3dx10_38.dll
2009-02-24 18:37 . 2008-05-30 14:18 238,088 --a------ c:\windows\System32\xactengine3_1.dll
2009-02-24 18:37 . 2008-05-30 14:17 25,608 --a------ c:\windows\System32\X3DAudio1_4.dll
2009-02-23 15:50 . 2009-02-23 15:50 <DIR> d-------- c:\users\YO\AppData\Roaming\ProtectDisc
2009-02-23 12:59 . 2009-02-23 12:59 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-23 12:59 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-23 12:59 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-21 08:53 . 2008-03-05 15:56 3,786,760 --a------ c:\windows\System32\D3DX9_37.dll
2009-02-21 08:53 . 2008-03-05 15:56 1,420,824 --a------ c:\windows\System32\D3DCompiler_37.dll
2009-02-21 08:53 . 2008-03-05 16:03 479,752 --a------ c:\windows\System32\XAudio2_0.dll
2009-02-21 08:53 . 2008-02-05 23:07 462,864 --a------ c:\windows\System32\d3dx10_37.dll
2009-02-21 08:53 . 2008-03-05 16:03 238,088 --a------ c:\windows\System32\xactengine3_0.dll
2009-02-21 08:53 . 2008-03-05 16:00 25,608 --a------ c:\windows\System32\X3DAudio1_3.dll
2009-02-21 08:52 . 2007-10-12 15:14 3,734,536 --a------ c:\windows\System32\d3dx9_36.dll
2009-02-21 08:52 . 2007-07-19 18:14 3,727,720 --a------ c:\windows\System32\d3dx9_35.dll
2009-02-21 08:52 . 2007-10-12 15:14 1,374,232 --a------ c:\windows\System32\D3DCompiler_36.dll
2009-02-21 08:52 . 2007-07-19 18:14 1,358,192 --a------ c:\windows\System32\D3DCompiler_35.dll
2009-02-21 08:52 . 2007-10-02 09:56 444,776 --a------ c:\windows\System32\d3dx10_36.dll
2009-02-21 08:52 . 2007-07-19 18:14 444,776 --a------ c:\windows\System32\d3dx10_35.dll
2009-02-21 08:52 . 2007-10-22 03:39 267,272 --a------ c:\windows\System32\xactengine2_10.dll
2009-02-21 08:52 . 2007-07-20 00:57 267,112 --a------ c:\windows\System32\xactengine2_9.dll
2009-02-21 08:52 . 2007-10-22 03:37 17,928 --a------ c:\windows\System32\X3DAudio1_2.dll
2009-02-21 08:51 . 2007-05-16 16:45 3,497,832 --a------ c:\windows\System32\d3dx9_34.dll
2009-02-21 08:51 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\System32\d3dx9_33.dll
2009-02-21 08:51 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\System32\D3DCompiler_34.dll
2009-02-21 08:51 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\System32\D3DCompiler_33.dll
2009-02-21 08:51 . 2007-05-16 16:45 443,752 --a------ c:\windows\System32\d3dx10_34.dll
2009-02-21 08:51 . 2007-03-15 16:57 443,752 --a------ c:\windows\System32\d3dx10_33.dll
2009-02-21 08:51 . 2007-06-20 20:46 266,088 --a------ c:\windows\System32\xactengine2_8.dll
2009-02-21 08:51 . 2007-04-04 18:55 261,480 --a------ c:\windows\System32\xactengine2_7.dll
2009-02-21 08:51 . 2007-04-04 18:53 81,768 --a------ c:\windows\System32\xinput1_3.dll
2009-02-21 08:51 . 2007-03-05 12:42 15,128 --a------ c:\windows\System32\x3daudio1_1.dll
2009-02-21 08:50 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2009-02-21 08:50 . 2006-09-28 16:05 2,414,360 --a------ c:\windows\System32\d3dx9_31.dll
2009-02-21 08:50 . 2006-11-29 13:06 440,080 --a------ c:\windows\System32\d3dx10.dll
2009-02-21 08:50 . 2007-01-24 15:27 255,848 --a------ c:\windows\System32\xactengine2_6.dll
2009-02-21 08:50 . 2006-12-08 12:02 251,672 --a------ c:\windows\System32\xactengine2_5.dll
2009-02-21 08:50 . 2006-09-28 16:05 237,848 --a------ c:\windows\System32\xactengine2_4.dll
2009-02-21 08:50 . 2006-07-28 09:30 236,824 --a------ c:\windows\System32\xactengine2_3.dll
2009-02-21 08:49 . 2006-07-28 09:30 62,744 --a------ c:\windows\System32\xinput1_2.dll
2009-02-21 08:48 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\System32\d3dx9_26.dll
2009-02-21 08:46 . 2009-02-21 08:46 <DIR> d-------- c:\program files\ProtectDisc Driver Installer
2009-02-21 07:36 . 2009-02-21 07:36 <DIR> d-------- c:\users\PETR\.VirtualBox
2009-02-19 09:35 . 2009-02-16 17:46 100,560 --a------ c:\windows\System32\drivers\VBoxDrv.sys
2009-02-19 09:34 . 2009-02-16 17:47 129,552 --a------ c:\windows\System32\VBoxNetFltNotify.dll
2009-02-19 09:34 . 2009-02-16 17:47 87,568 --a------ c:\windows\System32\drivers\VBoxNetFlt.sys
2009-02-19 09:33 . 2009-02-19 09:33 <DIR> d-------- c:\program files\Sun
2009-02-19 09:33 . 2009-02-16 17:47 41,744 --a------ c:\windows\System32\drivers\VBoxUSBMon.sys
2009-02-18 02:35 . 2008-06-20 02:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-02-18 02:35 . 2008-06-20 02:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-02-18 02:35 . 2008-06-20 02:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-02-18 02:35 . 2008-06-20 02:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-02-18 02:35 . 2008-06-20 02:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-02-18 02:35 . 2008-06-20 02:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-02-18 02:35 . 2008-06-20 02:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-02-18 02:35 . 2008-06-20 02:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-02-18 02:30 . 2008-07-27 19:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-02-18 02:30 . 2008-07-27 19:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-02-18 02:30 . 2008-07-27 19:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-02-18 02:30 . 2008-07-27 19:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-02-18 02:30 . 2008-07-27 19:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-02-17 08:34 . 2009-02-17 08:34 <DIR> d-------- c:\program files\SystemRequirementsLab
2009-02-17 08:32 . 2009-02-17 08:33 <DIR> d-------- c:\users\PETR\SystemRequirementsLab
2009-02-17 07:50 . 2008-12-05 05:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-17 07:50 . 2008-12-05 05:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-17 07:50 . 2008-12-05 05:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-17 07:50 . 2008-12-05 05:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-17 07:50 . 2008-12-05 05:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-16 14:41 . 2009-02-16 15:25 <DIR> d-------- c:\users\YO\.VirtualBox
2009-02-16 14:36 . 2009-02-19 09:35 <DIR> d----c--- c:\windows\System32\DRVSTORE
2009-02-13 18:48 . 2000-05-22 16:58 608,448 --a------ c:\windows\System32\comctl32.ocx
2009-02-13 18:48 . 2000-05-22 03:00 203,976 --a------ c:\windows\System32\RICHTX32.OCX
2009-02-13 18:48 . 1998-06-24 00:00 137,000 --a------ c:\windows\System32\MSMAPI32.OCX
2009-02-13 18:48 . 2000-12-05 23:00 109,248 --a------ c:\windows\System32\MSWINSCK.OCX
2009-02-11 02:17 . 2009-01-15 04:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-11 02:17 . 2009-01-15 07:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-10 01:57 . 2009-02-10 03:04 <DIR> d-------- c:\users\YO\AppData\Roaming\Download Manager
2009-02-06 15:11 . 2009-02-18 01:45 <DIR> d-------- c:\users\Public\Rapidshare
2009-02-04 01:42 . 2009-02-04 01:42 0 --a------ c:\windows\System32\NeroCopyGadgetData-0399.xml

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-03 12:58 --------- d-----w c:\progra~2\Spybot - Search & Destroy
2009-03-03 12:51 --------- d-----w c:\users\YO\AppData\Roaming\AIMP
2009-03-02 07:01 --------- d-----w c:\users\YO\AppData\Roaming\Vso
2009-02-27 16:51 --------- d-----w c:\program files\Opera
2009-02-26 04:27 --------- d-----w c:\users\YO\AppData\Roaming\dvdcss
2009-02-19 07:21 --------- d-----w c:\users\YO\AppData\Roaming\DAEMON Tools Pro
2009-02-15 17:05 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-11 02:00 --------- d-----w c:\program files\Windows Mail
2009-02-04 11:28 --------- d-----w c:\progra~2\avg8
2009-02-02 23:45 --------- d-----w c:\program files\Metin2_TESTER
2009-02-01 14:40 --------- d-----w c:\users\YO\AppData\Roaming\DAEMON Tools Lite
2009-02-01 14:38 --------- d-----w c:\users\YO\AppData\Roaming\DAEMON Tools
2009-02-01 14:37 --------- d-----w c:\program files\DAEMON Tools Lite
2009-02-01 14:37 --------- d-----w c:\progra~2\DAEMON Tools Lite
2009-02-01 12:51 717,296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-01-29 14:38 --------- d-----w c:\users\YO\AppData\Roaming\Faces
2009-01-28 17:47 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-01-24 23:53 --------- d-----w c:\users\YO\AppData\Roaming\ICQ
2009-01-24 17:35 --------- d-----w c:\program files\ICQ6
2009-01-24 17:04 --------- d-----w c:\program files\ICQ6Toolbar
2009-01-21 18:13 31,824 ----a-w c:\windows\system32\drivers\VBoxUSB.sys
2009-01-16 08:51 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-01-13 10:01 --------- d-----w c:\progra~2\Aion CS
2009-01-12 13:33 12,552 ----a-w c:\windows\system32\drivers\avgrkx86.sys
2009-01-12 13:33 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-01-12 13:33 10,520 ----a-w c:\windows\System32\avgrsstx.dll
2009-01-08 16:06 --------- d-----w c:\program files\Common Files\HP
2009-01-08 14:41 --------- d-----w c:\program files\Hewlett-Packard
2009-01-08 14:26 --------- d-----w c:\program files\HP
2009-01-08 04:01 --------- d-----w c:\users\YO\AppData\Roaming\Image Zone Express
2009-01-03 18:01 --------- d-----w c:\progra~2\DVD Shrink
2009-01-03 14:44 --------- d-----w c:\users\YO\AppData\Roaming\Uniblue
2009-01-03 14:44 --------- d-----w c:\progra~2\DriverScanner
2008-11-28 04:21 47,360 ----a-w c:\users\YO\AppData\Roaming\pcouffin.sys
2008-08-15 06:57 411,248 ----a-w c:\program files\FLV PlayerRCSetup.exe
2008-07-19 05:15 174 --sha-w c:\program files\desktop.ini
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
2008-02-14 14:54 1555480 --a------ c:\program files\free-downloads.net\tbfree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{ECDEE021-0D17-467F-A1FF-C7A115230949}"= "c:\program files\free-downloads.net\tbfree.dll" [2008-02-14 1555480]

[HKEY_CLASSES_ROOT\clsid\{ecdee021-0d17-467f-a1ff-c7a115230949}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-12 1601304]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 92704]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13580832]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-04 c:\windows\RtHDVCpl.exe]

c:\users\YO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registration .LNK - d:\hry\CSI-Hard Evidence Demo\Register\RegistrationReminder.exe [2009-02-15 962560]

c:\users\YO\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
Registration .LNK - d:\hry\CSI-Hard Evidence Demo\Register\RegistrationReminder.exe [2009-02-15 962560]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2004-12-14 18:57 458752 c:\program files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2004-12-14 18:51 217088 c:\program files\Logitech\Video\LogiTray.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
"TweakVI"="c:\program files\TweakVI\tweakvi.exe" -autostart
"Center Agent"=c:\program files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"
"UACDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F16DF84E-37D5-4C56-8331-1D73262C9476}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{D3805CB6-D1EB-4473-9980-F9731F0DB59C}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{3D6E2612-2711-40B8-A0E8-05F33C0FD449}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"TCP Query User{7844F6EA-840F-4F06-8101-5CEA657C9C23}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{CFA92375-8F2D-4627-9CB9-34CBF2815B70}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{14B4C568-AD07-4203-B3F0-D2F6FFA6D5D4}c:\\windows\\ehome\\ehexthost.exe"= UDP:c:\windows\ehome\ehexthost.exe:Media Center Extensibility Host
"UDP Query User{F6A7EE6D-EFB4-44C3-ACA7-6BF310559616}c:\\windows\\ehome\\ehexthost.exe"= TCP:c:\windows\ehome\ehexthost.exe:Media Center Extensibility Host
"TCP Query User{80F7F0A4-3B94-470F-B2A8-727E47188D65}c:\\program files\\nero\\nero burning rom\\nero.exe"= UDP:c:\program files\nero\nero burning rom\nero.exe:Nero Burning ROM
"UDP Query User{A3181948-853F-4F04-88CB-4B0944F4ECE6}c:\\program files\\nero\\nero burning rom\\nero.exe"= TCP:c:\program files\nero\nero burning rom\nero.exe:Nero Burning ROM
"{464DBF9F-0EFF-431A-A6A0-5DF7613CDBB0}"= UDP:c:\program files\KONAMI\Pro Evolution Soccer 2008\Fairlight\PES2008.exe:Pro Evolution Soccer 2008
"{EFB540FC-6888-4671-A662-5580EA4CAAE7}"= TCP:c:\program files\KONAMI\Pro Evolution Soccer 2008\Fairlight\PES2008.exe:Pro Evolution Soccer 2008
"{DE683629-D040-42F8-BA64-B885F171F7B2}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{AD2DA7C4-2D40-4992-A8F7-CB66F061EEE0}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{709EE6D8-BB88-4ED3-833F-A9C339D3863F}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{33415D8C-B3AD-4500-8634-AA78AA10D3BC}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{D845697C-7124-40C4-B42C-7E87DBF25257}"= UDP:d:\hry\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe:Pro Evolution Soccer 2009
"{A3C4A1CA-52FF-44AE-97DF-A6253EBE1BBD}"= TCP:d:\hry\Pro.Evolution.Soccer.2009.Full-Rip.Skullptura\PES 2009\pes2009.exe:Pro Evolution Soccer 2009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [2008-07-16 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2008-07-16 325128]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2008-10-23 107272]
R1 PSched;Plánovač paketů technologie QoS;c:\windows\System32\drivers\pacer.sys [2008-07-19 72192]
R1 VBoxDrv;VirtualBox Service;c:\windows\System32\drivers\VBoxDrv.sys [2009-02-19 100560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\System32\drivers\VBoxUSBMon.sys [2009-02-19 41744]
R2 acedrv11;acedrv11;c:\windows\System32\drivers\acedrv11.sys [2008-07-30 277736]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-12 903960]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-12 298264]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-08-22 1153368]
R3 3xHybrid;3xHybrid service;c:\windows\System32\drivers\3xHybrid.sys [2007-04-20 674048]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\System32\drivers\VBoxNetFlt.sys [2009-02-19 87568]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\System32\drivers\K320bus.sys [2008-08-07 61504]
S3 VBoxUSB;VirtualBox USB;c:\windows\System32\drivers\VBoxUSB.sys [2009-01-21 31824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.atlas.cz/?from=icqhp
IE: Download all by Rapidown... - c:\program files\Rapidown\rapidownGetAll.htm
IE: Download by Rapidown... - c:\program files\Rapidown\rapidownGet.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\YO\AppData\Roaming\Mozilla\Firefox\Profiles\jorshu5z.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-03 17:48:33
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2009-03-03 17:51:20
ComboFix-quarantined-files.txt 2009-03-03 16:51:15

Před spuštěním: Volných bajtů: 20 657 868 800
Po spuštění: Volných bajtů: 20,544,712,704

277 --- E O F --- 2009-03-03 13:00:26

[Rudy]

7 položek CF smazal. Zbytek logu vypadá čistý. Nastala nějaká změna?

[Hooker]

Ahoj ,sorry za zpoždění. Chodím na noční šichty a nějak se mi chce válet v posteli.
Myslím si,že to vypadá dobře,ale to si testnu až zítra v noci, budu mít dva dny volno.Ale již včera jsem zjisti jednu nemilou věc.Chtěl jsem použít správce úloh a trojhmat "Ctrl+Alt+Esc" je nefunkční. Lze to nějak napravit? Vím ,že mohu použít "Ctrl+Alt+Del" ale i tak mě to docela mrzí. Pokud je třeba ,ihned vložím potřebný kontrolní log. Zatím díky za ochotu a trpělivost s takovým "dovedou" jako jsem já

[Rudy]

Na ten trojhmat zkuste obnovu systému kj datu,kdy korektně fungoval. Mimochodem, já jdu na noční dnes.

[Hooker]

To nepujde, bo vůbec nevím od kdy to nefunguje, protože jsem tuto možnost ani nepoužíval. Nevadí, třeba bude příležitost to napravit jindy.Myslím si,že mašina šlape dobře, ale při otvírání stránek na "centum.cz" na mě několikrát vyskočilo varování rezidentního štítu viz obr.Teď naposledy při otvírání této stránky a při přepnutí na centru zase.

http://img60.imageshack.us/my.php?image=pscj.jpg

http://img60.imageshack.us/my.php?image=pscn.jpg

Tak nevím.Můžeš mi prosím Tě poradit odkaz, jak vkládat sem do fora? Myslím tím používání těch horních zkratek jako Quote, Code atd. a vkládání příloh? Díky.

[Rudy]

Našlo to pouze Cookies. To jsou celkem neškodné txt soubory, které identifikují váš PC při stupu na některé weby. Pokud si nepřejete jejich ukládání nastavte to v Pc

Quote je citace. Pokud označíte nějaký text a pak kliknete na Quote, na fóru bude text v rámečku s názvem citace. S Code je to obdobné, je to zobrazení kódu. B, i, u má podobnou fci jako např ve Wordu (tučné, kurziva, podtržené). img je odkaz na obrázek a URL odkaz na webovou adresu.

[Hooker]

Tak to vypadá,že comp je v pořádku. Projel jsem ho "ccleanerem,Spybot Search&Destroy,Malwarebytes'Anti-Malware" a nenašlo to nic.Takže díky moc za ochotu a strávený čas

[Rudy]

Nemáte zač!

[Hooker]

Ahoj. Tak jsem tady zase,tentokrát mi několikrát zamrzl komp.a taky nejde nastartovat,až na několikátý pokus a přez nouzový režim. Prosím o kontrolu logu. Když bude nejhůře,tak to zkusím opravit z DVD a nebo rovnou přeinstalovat.Díky!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:57:05, on 19.3.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
D:\PROGRAMY\APLIKACE\Potato Screen Capture 1.0\psc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\Program Files\Logitech\Video\AlbumDB2.exe
C:\Program Files\Logitech\Video\FxSvr2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Potato Screen Capture] "D:\PROGRAMY\APLIKACE\Potato Screen Capture 1.0\psc.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - D:\PROGRAMY\APLIKACE\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\PROGRAMY\APLIKACE\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7378 bytes


A taky obr. zamrznutého počítače.

[Rudy]

Fixněte v HijackThis:


R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)

Jen zbytečnost. Tu opravu systému zkuste, lze jí také uskutečnit pomocí Vistamanageru: http://www.studna.cz/6753/systemove-nas ... a-manager/ .

[Hooker]

Ahoj.
Tak jsem reinstaloval.Hned druhý den to dopadlo stejně jako na odkazovaném obrázku.Potom dva dny v pohodě a dnes ráno po zapnutí start pouze v nouzovým režimu i s těmi hnusnými pruhy.Tak mě napadlo, jestli za toto nemůže třeba graf.karta.Problémy začaly tím, že po spuštění vyskočil nápis "no signal" a pomohlo jedině odpojení od sítě,pomachrování s konektorem grafiky. Komp je v záruce, takže jiné úkony se nekonaly.Díky za ochotu pomoci, ale mám jednu otázku.
- Po instalaci Windows se uložil původni do složky "windows.old".
Mohu z této složky použít (převést některé původní nainstalované soubory do nového windows a jak?
-Mohu celou složku "windows.old" smazat s adresáře pouhým "delete"?(zabírá totiž zbytečně mnoho místa).
-proč nefunguje odkaz na podporu fora?
Tak ještě jednou dík za ochotu.