Prosím o kontrolu logu z HJT po odvirování od reader_s.exe

[Albi1]

Pro dnešek přeji všem dobrou noc. Albi

[riffman]

ona vam tam ta slozka prekazi?

[Albi1]

Dobrý večer, nepřekáží, pokud není zdrojem virové nákazy. Je mi divné, že soubory .txt nejdou smazat. Jinak je to pouze kosmetická vada. Na druhou stranu to je pozůstatek starého systému..................

[riffman]

a jde cela ta slozka smazat rucne?

[Albi1]

Právě že nejde. Strukturu jsem popisoval výše: několik podadresářů a na konci dva .txt soubory (přejmenoval jsem je já, když nešly smazat. Původně přípona .ocx).

[riffman]

umite s avengerem?

[Albi1]

Nikdy jsem s ním nedělal......

[riffman]

tak to nechte na zitrek, ja neco sesmolim, dneska uz bych radil voloviny

[Albi1]

Tak jsem provedl odstranění pomocí avengeru:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Folder "I:\0WINDOWS" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


............jenže při kontrole disku I: je stav následující: odstraňovaný adresář je pouze vnořen do adresáře Avenger. Asi takto:
I:\Avenger\0WINDOWS\yte\Macromed\Flash\11. a 12.txt
Při pokusu odstranit adresář Avenger ručně opět nelze soubory .txt odstranit................. (
Pro dnešek dobrou noc.

[riffman]

zkuste si precist tohle: http://www.viry.cz/forum/viewtopic.php?f=11&t=11020 , at vite, co budete delat a hlavne mi reknete, zdali mate instalacni CD od WIndows

az si to prolezete, dejte mi vedet, pripravim pro vas postup

[Albi1]

Dobrý večer, instalační CD WXP mám. Prohlížel jsem postup mazání souboru a jenom musím dopředu uvést, že jsem výmaz zkoušel po nabootování z CD BartPE a bez úzpěchu. Ovšem bylo to pouze ručně bez aplikace atributů mazanému souboru.
Jinak můžeme jít na to.

[Diallix]

Zaskocim.

Dobre, do poznamkoveho bloku skopirujte:

attrib.exe -s -r -h "I:\Avenger\*"

rd /s/q "I:\Avenger"

Ulozte ako vymaz.txt do systemovej zlozky c:\windows

Nasledne chodte podla navodu ktory Vam prilozil riffman a do toho prikazoveho riadku skopirujte:

BATCH vymaz.txt

Nasledne klik na ENTER.

[Albi1]

Dobrý večer, aplikoval jsem uvedený postup a bohužel následovala tato hláška:

Tento příkaz je neznámý.
Parametr není platný.

Vytvořil jsem si upravený txt soubor:
attrib -s -r -h "I:\Avenger\0WINDOWS\yte\Macromed\Flash\11.txt"
del I:\Avenger\0WINDOVS\yte\Macromed\Flash\11.txt
attrib -s -r -h "I:\Avenger\0WINDOVS\yte\Macromed\Flash\12.txt"
del I:\Avenger\0WINDOWS\yte\Macromed\Flash\12.txt

a poté hláška:

Parametr není platný.
Přístup byl odepřen.

Zkusil jsem ještě aplikaci jednotlivých parametrů z příkazové řádky a vždy hláška "Přístup byl odepřen".

Nešlo by vymazat boot sektor disku I, když byl původně systémový?

[Diallix]

Ok, este takto.

Chodte este raz do konzoly pre zotavenie. Do toho cierneho okna postupne skopirujte oba prikazy dole, pricom za kazdym odkliknite ENTER.

attrib.exe -s -r -h "I:\Avenger\*"

rd /s/q "I:\Avenger"

[Albi1]

Dobrý večer, tak tento postup selhal také - "Přístup byl odepřen". Nicméně jsem vyzkoušel skoro ze zoufalství skartovač v Acronis Privacy Expert a - světe div se - celá složka i se soubory je pryč.

Pro jistotu ještě prosím o kontrolu logu z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Rodina at 2009-05-06 19:30:29
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (26%) free of 10 GB
Total RAM: 3070 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:30:39, on 6.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
I:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
I:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Acronis\Ochranný štít\psh_svc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
I:\PROGRA~1\AVG\AVG8\avgrsx.exe
I:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
I:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Analog Devices\SoundMAX\smax4.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\Rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
I:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
I:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
I:\Program Files\AVG\AVG8\avgcsrvx.exe
I:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
I:\Install\Viry\RSIT.exe
I:\Program Files\Trend Micro\HijackThis\Rodina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - I:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - I:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Acronis Popup Blocker - {E24AD748-155E-4254-B674-4EDF86E7E1DF} - I:\Program Files\Acronis\PrivacyExpert\Blokování.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - I:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - I:\Program Files\Orbitdownloader\GrabPro.dll
O4 - HKLM\..\Run: [AVG8_TRAY] I:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "I:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Download by Orbit - res://I:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://I:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://I:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://I:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://I:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Acronis Blokování pop-up oken - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - I:\Program Files\Acronis\PrivacyExpert\Blokování.dll
O9 - Extra 'Tools' menuitem: Acronis Blokování pop-up oken - {2E071ADC-ADF8-4b4b-8ACB-EDC49E6D45A2} - I:\Program Files\Acronis\PrivacyExpert\Blokování.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - I:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{F90F74D2-3746-4D56-9FC0-1D5EFC2DB454}: NameServer = 89.190.64.20,195.146.99.4
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - I:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - I:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - I:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Malware Shield Service (psh_svc) - Unknown owner - C:\Program Files\Common Files\Acronis\Ochranný štít\psh_svc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - I:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - I:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 8751 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1004336348-682003330-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - I:\Program Files\Orbitdownloader\orbitcth.dll [2009-04-20 154824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - I:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - I:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-05-02 2223872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E24AD748-155E-4254-B674-4EDF86E7E1DF}]
CAdBlocker Object - I:\Program Files\Acronis\PrivacyExpert\Blokování.dll [2006-04-18 788312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - I:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2009-05-02 2223872]
{C55BBCD6-41AD-48AD-9953-3609C48EACC7} - Grab Pro - I:\Program Files\Orbitdownloader\GrabPro.dll [2009-04-20 670840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=I:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-05-02 1947928]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2006-12-18 868352]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-11 86016]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2006-11-22 842584]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"SoundMax"=C:\Program Files\Analog Devices\SoundMAX\smax4.exe [2006-07-13 729088]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2006-04-18 106496]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-11 7630848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=I:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AlcoholAutomount"=I:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-07-02 219520]
"Google Update"=C:\Documents and Settings\Rodina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-04-23 133104]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-05-02 11952]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\AVG\AVG8\avgemc.exe"="I:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"I:\Program Files\AVG\AVG8\avgupd.exe"="I:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"I:\Program Files\AVG\AVG8\avgnsx.exe"="I:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"I:\Program Files\Orbitdownloader\orbitnet.exe"="I:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit"
"I:\Program Files\uTorrent\utorrent.exe"="I:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"I:\Program Files\Orbitdownloader\orbitdm.exe"="I:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
shell\AutoRun\command - L:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd8f8bac-3506-11de-82f2-001bfc8d4324}]
shell\AutoRun\command - L:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2009-05-06 16:13:02 ----D---- C:\WINDOWS\Prefetch
2009-05-05 22:32:14 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Acronis
2009-05-05 22:10:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2009-05-05 22:09:58 ----D---- C:\Program Files\Common Files\Acronis
2009-05-04 21:49:50 ----A---- C:\WINDOWS\vymaz1.txt
2009-05-04 17:52:55 ----A---- C:\WINDOWS\vymaz.txt
2009-04-27 23:32:11 ----D---- C:\downloads
2009-04-27 23:32:11 ----D---- C:\Documents and Settings\Rodina\Data aplikací\GrabPro
2009-04-24 21:11:56 ----D---- C:\!KillBox
2009-04-19 20:05:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-04-19 20:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2009-04-19 20:03:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-04-19 20:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-04-19 20:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-04-19 20:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-04-13 20:59:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\vsosdk
2009-04-13 20:42:32 ----SHD---- C:\RECYCLER
2009-04-13 20:22:00 ----D---- C:\WINDOWS\temp
2009-04-13 20:19:55 ----D---- C:\ComboFix
2009-04-13 19:33:12 ----A---- C:\WINDOWS\zip.exe
2009-04-13 19:33:12 ----A---- C:\WINDOWS\vFind.exe
2009-04-13 19:33:12 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-04-13 19:33:12 ----A---- C:\WINDOWS\SWSC.exe
2009-04-13 19:33:12 ----A---- C:\WINDOWS\SWREG.exe
2009-04-13 19:33:12 ----A---- C:\WINDOWS\sed.exe
2009-04-13 19:33:12 ----A---- C:\WINDOWS\grep.exe
2009-04-13 19:29:36 ----A---- C:\WINDOWS\NIRCMD.exe
2009-04-13 19:29:13 ----D---- C:\WINDOWS\ERDNT
2009-04-13 19:26:05 ----D---- C:\Qoobox
2009-04-12 23:44:34 ----D---- C:\Program Files\Common Files\CANON
2009-04-12 23:41:43 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2009-04-12 23:41:36 ----A---- C:\WINDOWS\system32\CNMLM9E.DLL
2009-04-12 23:41:34 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2009-04-12 23:41:26 ----A---- C:\WINDOWS\system32\CNC540O.DLL
2009-04-12 23:41:26 ----A---- C:\WINDOWS\system32\CNC540L.DLL
2009-04-12 23:41:26 ----A---- C:\WINDOWS\system32\CNC540I.DLL
2009-04-12 23:41:26 ----A---- C:\WINDOWS\system32\CNC540C.DLL
2009-04-12 23:41:13 ----HD---- C:\Program Files\CanonBJ
2009-04-12 23:38:22 ----D---- C:\Program Files\Canon
2009-04-12 23:23:05 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Zoner
2009-04-10 23:30:09 ----D---- C:\rsit
2009-04-09 23:01:30 ----D---- C:\Program Files\Microsoft IntelliPoint
2009-04-09 22:49:54 ----A---- C:\WINDOWS\system32\MSVCRTD.DLL
2009-04-09 22:49:54 ----A---- C:\WINDOWS\system32\mfc42d.dll
2009-04-09 22:49:53 ----RA---- C:\WINDOWS\system32\AsIO.dll
2009-04-09 22:47:46 ----RD---- C:\WINDOWS\AsDmiHtm
2009-04-09 22:43:45 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-04-09 22:42:07 ----D---- C:\Program Files\ASUS
2009-04-09 22:41:40 ----A---- C:\WINDOWS\iun6002.exe
2009-04-09 22:41:31 ----D---- C:\Program Files\GameFace Messenger
2009-04-09 22:39:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2009-04-09 22:35:40 ----D---- C:\Program Files\My Company Name
2009-04-09 22:35:30 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-04-09 22:35:29 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-04-09 22:35:29 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-04-09 22:35:29 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-04-09 22:35:29 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-04-09 22:35:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-04-09 22:35:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-04-09 22:35:28 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-04-09 22:35:28 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-04-09 22:35:27 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-04-09 22:35:27 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-04-09 22:35:27 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-04-09 22:35:26 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-04-09 22:35:26 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-04-09 22:35:26 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-04-09 22:35:15 ----A---- C:\WINDOWS\ATKKBService.exe
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\ATKOSDX32.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\ATKOSDMini.DLL
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\ATKOGL32.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\atkid.ini
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\ATKDispCPL.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\ATKDISP.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\asrussian.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\askorean.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\asjapan.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\ASCHT.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\aschs.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\asgerman.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\asfrench.dll
2009-04-09 22:35:14 ----A---- C:\WINDOWS\system32\aseng.dll
2009-04-09 22:34:34 ----D---- C:\WINDOWS\nview
2009-04-09 22:34:34 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-04-09 00:11:11 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Help
2009-04-08 23:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2009-04-08 22:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-04-08 22:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2009-04-08 22:49:35 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-04-08 22:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-04-08 22:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB937894$
2009-04-08 22:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2009-04-08 22:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-04-08 22:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2009-04-08 22:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-04-08 22:49:03 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-04-08 22:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2009-04-08 22:48:55 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-04-08 22:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-04-08 22:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2009-04-08 22:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2009-04-08 22:48:39 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-04-08 22:48:35 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2009-04-08 22:48:30 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2009-04-08 22:48:26 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-04-08 22:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-04-08 22:48:11 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-04-08 22:48:06 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-04-08 22:48:03 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2009-04-08 22:47:58 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-04-08 22:47:54 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-04-08 22:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-04-08 22:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2009-04-08 22:47:40 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-04-08 22:47:36 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-04-08 22:47:32 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-04-08 22:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-04-08 22:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-04-08 22:47:17 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-04-08 22:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2009-04-08 22:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-04-08 22:47:04 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-04-08 22:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-04-08 22:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-04-08 22:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-04-08 22:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-04-08 22:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2009-04-08 22:46:42 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-04-08 22:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-04-08 22:46:33 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-04-08 22:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2009-04-08 22:46:25 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2009-04-08 22:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2009-04-08 22:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-04-08 22:46:14 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2009-04-08 22:46:10 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2009-04-08 22:46:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2009-04-08 22:45:58 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-04-08 22:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-04-08 22:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-04-08 22:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-04-08 22:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2009-04-08 22:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2009-04-08 22:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2009-04-08 22:45:30 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-04-08 22:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-04-08 22:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-04-08 22:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2009-04-08 22:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-04-08 22:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2009-04-08 22:38:36 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-04-07 00:32:13 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Macromedia
2009-04-07 00:24:11 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-04-07 00:24:07 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-04-07 00:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2009-04-07 00:23:55 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-04-07 00:23:47 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-04-07 00:23:35 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$

======List of files/folders modified in the last 1 months======

2009-05-06 19:28:08 ----D---- C:\WINDOWS
2009-05-06 19:28:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2009-05-06 17:48:26 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-05-06 17:48:16 ----D---- C:\Program Files\SpywareBlaster
2009-05-06 16:23:12 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Vso
2009-05-05 22:42:20 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Orbit
2009-05-05 22:10:14 ----SHD---- C:\WINDOWS\Installer
2009-05-05 22:10:11 ----HD---- C:\WINDOWS\inf
2009-05-05 22:10:11 ----D---- C:\WINDOWS\system32\drivers
2009-05-05 22:10:07 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-05 22:09:59 ----D---- C:\WINDOWS\system32
2009-05-05 22:09:58 ----D---- C:\Program Files\Common Files
2009-05-05 21:09:54 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Skype
2009-05-02 23:04:39 ----RD---- C:\Program Files
2009-05-02 22:46:33 ----D---- C:\Documents and Settings\Rodina\Data aplikací\AVGTOOLBAR
2009-05-02 22:28:24 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2009-05-01 00:07:49 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-04-29 23:39:07 ----SHD---- C:\System Volume Information
2009-04-29 23:39:07 ----D---- C:\WINDOWS\system32\Restore
2009-04-24 19:58:45 ----HD---- C:\$AVG8.VAULT$
2009-04-23 21:54:57 ----SD---- C:\WINDOWS\Tasks
2009-04-20 23:14:36 ----D---- C:\WINDOWS\Debug
2009-04-19 20:12:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-04-19 20:09:29 ----D---- C:\WINDOWS\system32\wbem
2009-04-19 20:09:29 ----D---- C:\WINDOWS\AppPatch
2009-04-19 20:05:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-04-19 20:05:07 ----D---- C:\WINDOWS\system32\cs-cz
2009-04-19 20:05:07 ----D---- C:\Program Files\Internet Explorer
2009-04-19 20:03:33 ----HD---- C:\WINDOWS\$hf_mig$
2009-04-13 20:21:18 ----A---- C:\WINDOWS\system.ini
2009-04-12 23:44:55 ----D---- C:\WINDOWS\Media
2009-04-12 23:41:34 ----D---- C:\WINDOWS\twain_32
2009-04-12 23:15:59 ----HD---- C:\Program Files\InstallShield Installation Information
2009-04-09 22:49:34 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-09 22:47:17 ----A---- C:\WINDOWS\Ascd_tmp.ini
2009-04-09 22:36:58 ----D---- C:\WINDOWS\Help
2009-04-09 22:35:21 ----D---- C:\WINDOWS\system32\DirectX
2009-04-09 22:25:28 ----D---- C:\Documents and Settings\Rodina\Data aplikací\Adobe
2009-04-08 22:51:04 ----D---- C:\WINDOWS\msagent
2009-04-08 22:48:44 ----D---- C:\WINDOWS\WinSxS
2009-04-08 22:48:08 ----D---- C:\Program Files\Messenger
2009-04-08 22:47:52 ----D---- C:\WINDOWS\system32\CatRoot
2009-04-08 22:47:45 ----D---- C:\Program Files\Outlook Express
2009-04-08 22:47:45 ----D---- C:\Program Files\Common Files\System
2009-04-08 22:47:27 ----D---- C:\WINDOWS\system32\Com
2009-04-07 00:23:56 ----D---- C:\Program Files\Windows Media Player

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys [2007-01-18 3968]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-05-02 325896]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-05-02 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-02 108552]
R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-09-11 110592]
R1 SAVRKBootTasks;Boot Tasks Driver; \??\C:\WINDOWS\system32\SAVRKBootTasks.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 psh_drv;Process Activity Acronis Monitor; C:\WINDOWS\system32\DRIVERS\psh_drv.sys [2009-05-05 98880]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-01-16 293888]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2006-08-07 93952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-10-27 138240]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-09-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-09-11 19968]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2005-09-27 16000]
S1 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 12416]
S3 ajdvtb57;ajdvtb57; C:\WINDOWS\system32\drivers\ajdvtb57.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-04-18 159744]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2006-09-04 241664]
R2 avg8emc;AVG Free8 E-mail Scanner; I:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-05-02 908568]
R2 avg8wd;AVG Free8 WatchDog; I:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-05-02 298776]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2006-09-11 172032]
R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2006-04-13 20543]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2006-09-11 135227]
R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2006-09-11 65599]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715]
R2 psh_svc;Acronis Malware Shield Service; C:\Program Files\Common Files\Acronis\Ochranný štít\psh_svc.exe [2006-04-18 993466]
R2 SbPF.Launcher;SbPF.Launcher; I:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; I:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 StarWindServiceAE;StarWind AE Service; I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Děkuji.